MidnightBSD

Advisories for mozilla

CVE-2000-0421 HIGH

The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.8
CVE-2000-0655 MEDIUM

Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape communicator 4.51
netscape communicator 4.05
netscape communicator 4.6
netscape communicator 4.73
netscape communicator 4.61
mozilla mozilla m15
netscape communicator 4.0
netscape communicator 4.5_beta
netscape communicator 4.08
netscape communicator 4.07
netscape communicator 4.5
netscape communicator 4.7
netscape communicator 4.72
netscape communicator 4.06
CVE-2001-0329 HIGH

Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.6
mozilla bugzilla 2.8
mozilla bugzilla 2.10
mozilla bugzilla 2.4
CVE-2001-0330 HIGH

Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.6
mozilla bugzilla 2.8
mozilla bugzilla 2.10
mozilla bugzilla 2.4
CVE-2001-1401 HIGH

Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in (1) process_bug.cgi, (2) show_activity.cgi, (3) showvotes.cgi, (4) showdependencytree.cgi, (5) showdependencygraph.cgi, (6) showattachment.cgi, or (7) describecomponents.cgi.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.6
mozilla bugzilla 2.8
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.4
CVE-2001-1402 HIGH

Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting (CSS) and possibly SQL injection attacks on (1) the product or output form variables for reports.cgi, (2) the voteon, bug_id, and user variables for showvotes.cgi, (3) an invalid email address in createaccount.cgi, (4) an invalid ID in showdependencytree.cgi, (5) invalid usernames and other fields in process_bug.cgi, and (6) error messages in buglist.cgi.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.6
mozilla bugzilla 2.8
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.4
CVE-2001-1403 HIGH

Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.6
mozilla bugzilla 2.8
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.4
CVE-2001-1404 HIGH

Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.6
mozilla bugzilla 2.8
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.4
CVE-2001-1405 LOW

Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause a denial of service (CPU consumption) via a flood of requests to sanitycheck.cgi.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.6
mozilla bugzilla 2.8
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.4
CVE-2001-1406 LOW

process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.6
mozilla bugzilla 2.8
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.4
CVE-2001-1407 HIGH

Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.6
mozilla bugzilla 2.8
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.4
CVE-2001-1490 MEDIUM

Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.6
CVE-2002-0007 HIGH

CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla *
CVE-2002-0008 HIGH

Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user comment via an HTTP request to process_bug.cgi using the "who" parameter, instead of the Bugzilla_login cookie, or (2) post a bug as another user by modifying the reporter parameter to enter_bug.cgi, which is passed to post_bug.cgi.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla *
CVE-2002-0009 MEDIUM

show_bug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pulldown menu.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla *
CVE-2002-0010 HIGH

Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL code and create files or gain privileges via (1) the sql parameter in buglist.cgi, (2) invalid field names from the "boolean chart" query in buglist.cgi, (3) the mybugslink parameter in userprefs.cgi, (4) a malformed bug ID in the buglist parameter in long_list.cgi, and (5) the value parameter in editusers.cgi, which allows groupset privileges to be modified by attackers with blessgroupset privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla *
CVE-2002-0011 MEDIUM

Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allow remote attackers to more easily conduct attacks on the login.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla *
CVE-2002-0354 MEDIUM

The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape navigator 6.1
mozilla mozilla 0.9.9
mozilla mozilla 0.9.7
netscape navigator 6.2
mozilla mozilla 1.0
CVE-2002-0593 HIGH

Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape navigator 6.0
netscape navigator 6.01
mozilla mozilla 0.9.9
mozilla mozilla 1.0
netscape communicator 6.1
CVE-2002-0594 MEDIUM

Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape navigator 6.0
netscape navigator 6.01
netscape navigator 6.1
mozilla mozilla 0.9.9
galeon galeon_browser 1.2.1
netscape navigator 6.2.2
netscape navigator 6.2.1
galeon galeon_browser 1.2
netscape navigator 6.2
mozilla mozilla 1.0
CVE-2002-0803 MEDIUM

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote attackers to display restricted products and components via a direct HTTP request to queryhelp.cgi.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
CVE-2002-0804 HIGH

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reverse DNS hostname.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
CVE-2002-0805 MEDIUM

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
CVE-2002-0806 LOW

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
CVE-2002-0807 HIGH

Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
CVE-2002-0808 HIGH

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
CVE-2002-0809 HIGH

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
CVE-2002-0810 MEDIUM

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
CVE-2002-0811 HIGH

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote attackers to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to buglist.cgi.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
CVE-2002-0815 HIGH

The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape navigator *
microsoft internet_explorer 6.0.2900
mozilla mozilla *
CVE-2002-1091 HIGH

Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 0.9.5
mozilla mozilla 0.9.7
mozilla mozilla 0.9.6
netscape navigator 6.2.2
netscape navigator 6.2.1
netscape navigator 6.2
opera_software opera_web_browser 6.0.1
opera_software opera_web_browser 6.0
opera_software opera_web_browser 5.12
netscape navigator 6.2.3
mozilla mozilla 1.0
CVE-2002-1126 LOW

Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 0.9.5
mozilla mozilla 0.9.7
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
mozilla mozilla 1.1
galeon galeon_browser 1.2.5
mozilla mozilla 0.9.4
galeon galeon_browser 1.2.4
mozilla mozilla 0.9.3
galeon galeon_browser 1.2.6
CVE-2002-1196 HIGH

editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, when the "usebuggroups" feature is enabled and more than 47 groups are specified, does not properly calculate bit values for large numbers, which grants extra permissions to users via known features of Perl math that set multiple bits.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.14.3
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
mozilla bugzilla 2.14.2
CVE-2002-1197 HIGH

bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.14.3
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
mozilla bugzilla 2.14.2
CVE-2002-1198 HIGH

Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.14.3
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
mozilla bugzilla 2.14.2
mozilla bugzilla 2.14.4
CVE-2002-1308 HIGH

Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 0.9.7
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
netscape navigator 6.2.2
netscape navigator 6.2.1
mozilla mozilla 1.1
netscape navigator 6.2
netscape navigator 6.2.3
netscape navigator 7.0
mozilla mozilla 1.0
CVE-2002-2013 MEDIUM

Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
netscape navigator 4.77
netscape communicator 4.6
netscape communicator 4.73
netscape communicator 4.61
netscape communicator 4.0
netscape navigator 6.2
mozilla mozilla 0.9.4.1
netscape communicator 4.74
netscape communicator 4.5_beta
netscape navigator 6.1
netscape communicator 4.08
mozilla mozilla 0.9.3
netscape communicator 4.5
netscape communicator 4.7
netscape communicator 4.4
netscape communicator 4.72
netscape communicator 4.06
netscape navigator 6.0
netscape communicator 4.51
mozilla mozilla 0.9.5
netscape communicator 4.75
mozilla mozilla 0.9.6
mozilla mozilla 0.9.2
netscape communicator 4.78
mozilla mozilla 0.9.4
netscape navigator 6.01
netscape communicator 4.77
netscape communicator 4.07
netscape communicator 4.76
CVE-2002-2061 HIGH

Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
netscape navigator 6.2.3
CVE-2002-2260 MEDIUM

Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.7
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.16.11
mozilla bugzilla 2.14.4
mozilla bugzilla 2.16.2
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.16.4
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17
mozilla bugzilla 2.14
mozilla bugzilla 2.16.7
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.17.4
mozilla bugzilla 2.16.9
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 2.16.8
mozilla bugzilla 2.17.6
CVE-2002-2314 MEDIUM

Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla mozilla 1.0
CVE-2002-2338 MEDIUM

The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla mozilla 0.9.7
netscape communicator 4.6
netscape communicator 4.73
netscape communicator 4.61
netscape navigator 6.2.2
netscape communicator 4.0
netscape navigator 6.2
mozilla mozilla 0.9.4.1
netscape communicator 4.74
netscape navigator 6.1
netscape communicator 4.08
mozilla mozilla 0.9.3
netscape communicator 4.5
netscape communicator 4.7
netscape communicator 4.4
netscape communicator 4.72
netscape communicator 4.06
mozilla mozilla 1.0
netscape navigator 6.0
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
netscape communicator 4.51
mozilla mozilla 0.9.5
netscape communicator 4.75
mozilla mozilla 0.9.6
mozilla mozilla 0.9.2
netscape navigator 6.2.1
mozilla mozilla 0.9.4
netscape navigator 6.01
netscape communicator 4.77
netscape communicator 4.07
netscape communicator 4.76
CVE-2002-2359 MEDIUM

Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla mozilla 1.1
mozilla mozilla 1.0
CVE-2002-2436 MEDIUM

The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 3.5.14
mozilla firefox 3.6.1
mozilla firefox 3.0.6
mozilla firefox 3.0.1
mozilla thunderbird 3.1.14
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla firefox 3.6.22
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 3.5.15
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla thunderbird 3.1.13
mozilla firefox 3.6.6
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 3.1.9
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla firefox 3.6.20
mozilla thunderbird 3.1.12
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla thunderbird 3.1.15
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 1.5.0.9
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 3.6.19
mozilla thunderbird 3.1.11
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla seamonkey 2.1
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2002-2437 MEDIUM

The JavaScript implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 3.5.14
mozilla firefox 3.6.1
mozilla firefox 3.0.6
mozilla firefox 3.0.1
mozilla thunderbird 3.1.14
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla firefox 3.6.22
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 3.5.15
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla thunderbird 3.1.13
mozilla firefox 3.6.6
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 3.1.9
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla firefox 3.6.20
mozilla thunderbird 3.1.12
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla thunderbird 3.1.15
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 1.5.0.9
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 3.6.19
mozilla thunderbird 3.1.11
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla seamonkey 2.1
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2003-0012 LOW

The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
CVE-2003-0013 HIGH

The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.14.1
mozilla bugzilla 2.14
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
CVE-2003-0152 HIGH

Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bonsai 1.3
CVE-2003-0153 MEDIUM

bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bonsai 1.3
CVE-2003-0154 MEDIUM

Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bonsai 1.3
CVE-2003-0155 MEDIUM

bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bonsai 1.3
CVE-2003-0298 HIGH

The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large (1) literal and possibly (2) mailbox size values that cause either integer signedness errors or integer overflow errors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 1.3
mozilla mozilla 1.4
CVE-2003-0300 MEDIUM

The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 1.3
ximian evolution 1.2.4
microsoft outlook_express 6.00.2800.1106
qualcomm eudora 5.2.1
university_of_washington pine 4.53
mutt mutt 1.4.1
sylpheed sylpheed_email_client 0.8.11
mozilla mozilla 1.4
stuart_parmenter balsa 2.0.10
CVE-2003-0594 HIGH

Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 1.3
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla mozilla 1.0.1
mozilla mozilla 1.2.1
mozilla mozilla 1.1
mozilla mozilla 1.0.2
mozilla mozilla 1.4.2
mozilla mozilla 1.3.1
mozilla mozilla 1.4
mozilla mozilla 1.0
CVE-2003-0602 MEDIUM

Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.16.2
mozilla bugzilla 2.17
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.16.1
CVE-2003-0603 LOW

Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.16.2
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
CVE-2003-0791 HIGH

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
mozilla mozilla *
sco openserver 5.0.7
CVE-2003-1042 HIGH

SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.1
mozilla bugzilla 2.17.4
mozilla bugzilla 2.14.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.8
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
CVE-2003-1043 HIGH

SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.1
mozilla bugzilla 2.17.4
mozilla bugzilla 2.14.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.8
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
CVE-2003-1044 HIGH

editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.1
mozilla bugzilla 2.17.4
mozilla bugzilla 2.14.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.8
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
CVE-2003-1045 MEDIUM

votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.1
mozilla bugzilla 2.17.4
mozilla bugzilla 2.14.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.8
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
CVE-2003-1046 HIGH

describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.1
mozilla bugzilla 2.17.4
mozilla bugzilla 2.14.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.8
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
CVE-2003-1265 LOW

Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 5.0
netscape navigator 7.0
CVE-2003-1492 MEDIUM

Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
mozilla firefox *
netscape navigator 7.0.2
CVE-2004-0191 MEDIUM

Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla mozilla 1.3
mozilla mozilla 0.9.7
mozilla mozilla 1.1
mozilla mozilla 0.9.4.1
mozilla mozilla 0.9.48
mozilla mozilla 1.3.1
mozilla mozilla 0.9.3
mozilla mozilla 1.2.1
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.0
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 0.9.5
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
mozilla mozilla 0.9.2
mozilla mozilla 1.0.2
mozilla mozilla 0.8
mozilla mozilla 0.9.4
mozilla mozilla 0.9.35
mozilla mozilla 1.2
mozilla mozilla 1.4.1
CVE-2004-0478 LOW

Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consumption) using Javascript with an infinite loop that continues to add input to a form, possibly as the result of inserting control characters, as demonstrated using an embedded ctrl-U.

CVSS 2.0

Severity: LOW

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla mozilla *
CVE-2004-0648 HIGH

Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
mozilla firefox *
mozilla thunderbird *
CVE-2004-0702 MEDIUM

DBI in Bugzilla 2.17.1 through 2.17.7 displays the database password in an error message when the SQL server is not running, which could allow remote attackers to gain sensitive information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.7
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.8
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
mozilla bugzilla 2.16.4
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.17.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.17.6
CVE-2004-0703 HIGH

Unknown vulnerability in the administrative controls in Bugzilla 2.17.1 through 2.17.7 allows users with "grant membership" privileges to grant memberships to groups that the user does not control.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.7
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.8
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
mozilla bugzilla 2.16.4
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.17.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.17.6
CVE-2004-0706 LOW

Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.7
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.8
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
mozilla bugzilla 2.16.4
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.17.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.17.6
CVE-2004-0707 HIGH

SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.7
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.8
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
mozilla bugzilla 2.16.4
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.17.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.17.6
CVE-2004-0718 HIGH

The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape navigator 7.1
mozilla mozilla 1.6
firebirdsql firebird 0.7
CVE-2004-0722 HIGH

Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape navigator 7.1
mozilla mozilla 1.6
netscape navigator 7.0
CVE-2004-0757 HIGH

Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
mozilla firefox *
mozilla thunderbird *
CVE-2004-0758 MEDIUM

Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
CVE-2004-0759 MEDIUM

Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
CVE-2004-0760 MEDIUM

Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
CVE-2004-0761 MEDIUM

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
mozilla firefox *
mozilla thunderbird *
CVE-2004-0762 MEDIUM

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
mozilla firefox *
mozilla thunderbird *
CVE-2004-0763 MEDIUM

Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9.1
mozilla firefox 0.9.2
CVE-2004-0764 HIGH

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
mozilla firefox *
mozilla thunderbird *
CVE-2004-0765 HIGH

The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
mozilla firefox *
mozilla thunderbird *
CVE-2004-0769 HIGH

Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla *
CVE-2004-0779 HIGH

The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.6
firebirdsql firebird 0.7
CVE-2004-0826 HIGH

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla network_security_services 3.4.2
netscape directory_server 4.13
netscape enterprise_server 3.0.1
netscape enterprise_server 3.4
mozilla network_security_services 3.2
netscape directory_server 3.12
sun one_web_server 6.0
hp hp-ux 11.23
netscape directory_server 4.1
netscape enterprise_server 3.6
mozilla network_security_services 3.7
netscape certificate_server 4.2
netscape enterprise_server 2.0a
sun one_web_server 4.1
netscape enterprise_server 3.0.7a
netscape enterprise_server 5.0
sun one_web_server 6.1
mozilla network_security_services 3.9
sun java_enterprise_system 2003q4
mozilla network_security_services 3.2.1
mozilla network_security_services 3.3.2
netscape enterprise_server 3.0.1b
hp hp-ux 11.11
mozilla network_security_services 3.7.5
sun one_application_server 6.0
netscape directory_server 3.1
sun java_system_application_server 7.1
netscape enterprise_server 2.0
mozilla network_security_services 3.8
netscape enterprise_server 3.1
netscape enterprise_server 4.1.1
netscape personalization_engine *
netscape directory_server 4.11
mozilla network_security_services 3.7.7
netscape enterprise_server 3.2
mozilla network_security_services 3.7.1
mozilla network_security_services 3.5
netscape enterprise_server 3.3
hp hp-ux 11.00
mozilla network_security_services 3.7.2
netscape enterprise_server 3.5.1
netscape enterprise_server 4.0
netscape enterprise_server 3.0
mozilla network_security_services 3.6.1
netscape enterprise_server 4.1
netscape enterprise_server 3.5
mozilla network_security_services 3.4
mozilla network_security_services 3.6
mozilla network_security_services 3.7.3
sun java_enterprise_system 2004q2
mozilla network_security_services 3.3
mozilla network_security_services 3.4.1
sun java_system_application_server 7.0
netscape certificate_server 1.0
netscape enterprise_server 3.0l
mozilla network_security_services 3.3.1
netscape enterprise_server 2.0.1c
netscape directory_server 1.3
CVE-2004-0866 HIGH

Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde konqueror 3.0.2
kde konqueror 3.0.3
suse suse_linux 1.0
mozilla firefox 0.9.2
kde konqueror 3.0
kde konqueror 3.0.1
kde konqueror 3.1.2
microsoft ie 6.0
kde konqueror 3.1
suse suse_linux 8.2
kde konqueror 3.1.3
kde konqueror 3.0.5b
kde konqueror 3.1.4
kde konqueror 3.2.1
kde konqueror 3.0.5
kde konqueror 3.1.1
kde konqueror 3.1.5
kde konqueror 2.2.2
suse suse_linux 8
suse suse_linux 8.1
kde konqueror 2.1.1
kde konqueror 2.1.2
suse suse_linux 9.0
microsoft internet_explorer 6.0
kde konqueror 2.2.1
kde konqueror 3.2.3
CVE-2004-0867 HIGH

Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
kde konqueror 3.0.2
kde konqueror 3.0.3
suse suse_linux 1.0
mozilla firefox 0.9.2
kde konqueror 3.0
kde konqueror 3.0.1
kde konqueror 3.1.2
microsoft ie 6.0
kde konqueror 3.1
suse suse_linux 8.2
kde konqueror 3.1.3
kde konqueror 3.0.5b
kde konqueror 3.1.4
kde konqueror 3.2.1
kde konqueror 3.0.5
kde konqueror 3.1.1
kde konqueror 3.1.5
kde konqueror 2.2.2
suse suse_linux 8
suse suse_linux 8.1
kde konqueror 2.1.1
kde konqueror 2.1.2
suse suse_linux 9.0
microsoft internet_explorer 6.0
kde konqueror 2.2.1
kde konqueror 3.2.3
CVE-2004-0871 MEDIUM

Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2
CVE-2004-0902 HIGH

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 10.0
redhat enterprise_linux 2.1
mozilla thunderbird 0.7.1
redhat linux_advanced_workstation 2.1
suse suse_linux 1.0
suse suse_linux 8
mozilla thunderbird 0.7
suse suse_linux 9.1
suse suse_linux 8.1
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux 3.0
redhat linux 7.3
mozilla mozilla 1.7
redhat linux 9.0
suse suse_linux 8.2
suse suse_linux 9.0
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
conectiva linux 9.0
mozilla thunderbird 0.7.3
redhat fedora_core core_1.0
mozilla mozilla 1.7.1
CVE-2004-0903 HIGH

Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 10.0
redhat enterprise_linux 2.1
mozilla thunderbird 0.7.1
redhat linux_advanced_workstation 2.1
suse suse_linux 1.0
suse suse_linux 8
mozilla thunderbird 0.7
suse suse_linux 9.1
suse suse_linux 8.1
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux 3.0
redhat linux 7.3
mozilla mozilla 1.7
redhat linux 9.0
suse suse_linux 8.2
suse suse_linux 9.0
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
conectiva linux 9.0
mozilla thunderbird 0.7.3
redhat fedora_core core_1.0
mozilla mozilla 1.7.1
CVE-2004-0904 HIGH

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
conectiva linux 10.0
redhat enterprise_linux 2.1
mozilla thunderbird 0.7.1
mozilla firefox 0.9.2
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux 3.0
redhat linux 7.3
mozilla mozilla 1.7
redhat linux 9.0
conectiva linux 9.0
redhat fedora_core core_1.0
netscape navigator 7.0
mozilla mozilla 1.7.1
netscape navigator 7.2
redhat linux_advanced_workstation 2.1
netscape navigator 7.1
mozilla firefox 0.9.1
mozilla thunderbird 0.7
mozilla firefox 0.9
mozilla thunderbird 0.6
mozilla firefox 0.9.3
netscape navigator 7.0.2
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
CVE-2004-0905 MEDIUM

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
conectiva linux 10.0
redhat enterprise_linux 2.1
suse suse_linux 1.0
mozilla mozilla 1.1
mozilla mozilla 1.3.1
mozilla firefox 0.9.2
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux 3.0
redhat linux 7.3
mozilla mozilla 1.7
redhat linux 9.0
suse suse_linux 8.2
mozilla mozilla 1.2.1
conectiva linux 9.0
redhat fedora_core core_1.0
netscape navigator 7.0
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.0
netscape navigator 7.2
redhat linux_advanced_workstation 2.1
mozilla mozilla 1.0.1
netscape navigator 7.1
mozilla mozilla 1.6
suse suse_linux 8
mozilla firefox 0.9.1
mozilla mozilla 1.0.2
suse suse_linux 9.1
mozilla firefox 0.9
suse suse_linux 8.1
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
suse suse_linux 9.0
netscape navigator 7.0.2
mozilla mozilla 1.7.2
mozilla mozilla 1.4.2
CVE-2004-0906 MEDIUM

The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla mozilla 1.3
mozilla mozilla 1.5.1
mozilla mozilla 0.9.7
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla mozilla 1.1
mozilla mozilla 0.9.4.1
mozilla mozilla 0.9.48
mozilla thunderbird 0.5
mozilla mozilla 1.3.1
mozilla mozilla 1.4.4
mozilla mozilla 0.9.3
mozilla mozilla 1.7
mozilla mozilla 1.2.1
mozilla thunderbird 0.2
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.0
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 0.9.5
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
mozilla mozilla 0.9.2
mozilla thunderbird 0.1
mozilla mozilla 1.6
mozilla thunderbird 0.7
mozilla mozilla 1.0.2
mozilla mozilla 0.8
mozilla thunderbird 0.3
mozilla mozilla 0.9.4
mozilla thunderbird 0.6
mozilla mozilla 0.9.35
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla mozilla 1.4.2
CVE-2004-0907 MEDIUM

The Linux install .tar.gz archives for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8, create certain files with insecure permissions, which could allow local users to overwrite those files and execute arbitrary code.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla mozilla 1.3
mozilla mozilla 1.5.1
mozilla mozilla 0.9.7
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla mozilla 1.1
mozilla mozilla 0.9.4.1
mozilla mozilla 0.9.48
mozilla thunderbird 0.5
mozilla mozilla 1.3.1
mozilla mozilla 1.4.4
mozilla mozilla 0.9.3
mozilla mozilla 1.7
mozilla mozilla 1.2.1
mozilla thunderbird 0.2
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.0
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 0.9.5
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
mozilla mozilla 0.9.2
mozilla thunderbird 0.1
mozilla mozilla 1.6
mozilla thunderbird 0.7
mozilla mozilla 1.0.2
mozilla mozilla 0.8
mozilla thunderbird 0.3
mozilla mozilla 0.9.4
mozilla thunderbird 0.6
mozilla mozilla 0.9.35
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
mozilla mozilla 1.4.2
CVE-2004-0908 MEDIUM

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla mozilla 1.3
mozilla mozilla 1.5.1
mozilla mozilla 0.9.7
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla mozilla 1.1
mozilla mozilla 0.9.4.1
mozilla mozilla 0.9.48
mozilla thunderbird 0.5
mozilla mozilla 1.3.1
mozilla mozilla 1.4.4
mozilla mozilla 0.9.3
mozilla mozilla 1.7
mozilla mozilla 1.2.1
mozilla thunderbird 0.2
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.0
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 0.9.5
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
mozilla mozilla 0.9.2
mozilla thunderbird 0.1
mozilla mozilla 1.6
mozilla thunderbird 0.7
mozilla mozilla 1.0.2
mozilla mozilla 0.8
mozilla thunderbird 0.3
mozilla mozilla 0.9.4
mozilla thunderbird 0.6
mozilla mozilla 0.9.35
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
mozilla mozilla 1.4.2
CVE-2004-0909 MEDIUM

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then modify the meaning of certain security-relevant dialog messages.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla mozilla 1.3
mozilla mozilla 1.5.1
mozilla mozilla 0.9.7
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla mozilla 1.1
mozilla mozilla 0.9.4.1
mozilla mozilla 0.9.48
mozilla thunderbird 0.5
mozilla mozilla 1.3.1
mozilla mozilla 1.4.4
mozilla mozilla 0.9.3
mozilla mozilla 1.7
mozilla mozilla 1.2.1
mozilla thunderbird 0.2
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.0
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 0.9.5
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
mozilla mozilla 0.9.2
mozilla thunderbird 0.1
mozilla mozilla 1.6
mozilla thunderbird 0.7
mozilla mozilla 1.0.2
mozilla mozilla 0.8
mozilla thunderbird 0.3
mozilla mozilla 0.9.4
mozilla thunderbird 0.6
mozilla mozilla 0.9.35
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
mozilla mozilla 1.4.2
CVE-2004-1061 MEDIUM

Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17.7
mozilla bugzilla 2.17
mozilla bugzilla 2.16.7
mozilla bugzilla 2.16.5
mozilla bugzilla 2.16.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.16.11
mozilla bugzilla 2.17.4
mozilla bugzilla 2.16.9
mozilla bugzilla 2.17.5
mozilla bugzilla 2.16.2
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16.6
mozilla bugzilla 2.16.3
mozilla bugzilla 2.16.8
mozilla bugzilla 2.17.6
mozilla bugzilla 2.16.4
CVE-2004-1156 MEDIUM

Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.5.1
mozilla mozilla 0.9.7
mozilla mozilla 1.1
mozilla mozilla 0.9.4.1
mozilla mozilla 0.9.48
mozilla mozilla 1.3.1
mozilla firefox 0.9.2
mozilla mozilla 0.9.3
mozilla mozilla 1.7
mozilla mozilla 1.2.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.0
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 1.7.3
mozilla mozilla 0.9.5
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
mozilla mozilla 0.9.2
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla mozilla 1.0.2
mozilla mozilla 0.8
mozilla mozilla 0.9.4
mozilla firefox 0.9
mozilla mozilla 0.9.35
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla mozilla 1.4.2
CVE-2004-1200 MEDIUM

Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox preview_release
mozilla firefox 0.9.3
mozilla firefox 0.9.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 0.9.2
CVE-2004-1316 MEDIUM

Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.4.1
mozilla mozilla 1.5.1
mozilla mozilla 1.7
mozilla mozilla 1.6
mozilla mozilla 1.7.2
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2004-1380 MEDIUM

Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla *
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2004-1381 MEDIUM

Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla *
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2004-1449 LOW

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla mozilla 1.3
mozilla mozilla 1.5.1
mozilla mozilla 0.9.7
mozilla thunderbird 0.4
mozilla mozilla 1.1
mozilla mozilla 0.9.4.1
mozilla mozilla 0.9.48
firebirdsql firebird 0.7
mozilla thunderbird 0.5
mozilla mozilla 1.3.1
mozilla mozilla 1.4.4
mozilla mozilla 0.9.3
mozilla mozilla 1.2.1
mozilla thunderbird 0.2
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.0
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 0.9.5
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
mozilla mozilla 0.9.2
mozilla thunderbird 0.1
mozilla mozilla 1.6
mozilla mozilla 1.0.2
mozilla mozilla 0.8
mozilla thunderbird 0.3
mozilla mozilla 0.9.4
mozilla thunderbird 0.6
mozilla mozilla 0.9.35
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla mozilla 1.4.2
CVE-2004-1450 MEDIUM

Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary files in known locations.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 1.7
CVE-2004-1451 LOW

Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla mozilla 1.3
mozilla mozilla 1.5.1
mozilla mozilla 0.9.7
mozilla mozilla 1.1
mozilla mozilla 0.9.4.1
mozilla mozilla 0.9.48
mozilla mozilla 1.3.1
mozilla mozilla 1.4.4
mozilla mozilla 0.9.3
mozilla mozilla 1.2.1
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.0
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 0.9.5
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
mozilla mozilla 0.9.2
mozilla mozilla 1.0.2
mozilla mozilla 0.8
mozilla mozilla 0.9.4
mozilla mozilla 0.9.35
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla mozilla 1.4.2
CVE-2004-1613 MEDIUM

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 1.3
redhat enterprise_linux 2.1
mozilla mozilla 1.1
sgi propack 3.0
mozilla mozilla 1.3.1
redhat enterprise_linux_desktop 3.0
redhat enterprise_linux 3.0
redhat linux 7.3
mozilla mozilla 1.4.4
mozilla mozilla 1.7
redhat linux 9.0
mozilla mozilla 1.2.1
redhat fedora_core core_1.0
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.0
mozilla mozilla 1.7.3
redhat linux_advanced_workstation 2.1
mozilla mozilla 1.0.1
mozilla mozilla 1.6
redhat fedora_core core_2.0
mozilla mozilla 1.0.2
mozilla mozilla 1.8
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla mozilla 1.7.2
mozilla mozilla 1.4.2
CVE-2004-1614 MEDIUM

Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with large height parameters, as demonstrated by mangleme.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.0.1
mozilla mozilla 1.6
mozilla mozilla 1.1
mozilla mozilla 1.0.2
mozilla mozilla 1.3.1
mozilla mozilla 1.8
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla mozilla 1.2.1
mozilla mozilla 1.7.2
mozilla mozilla 1.4.2
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.0
CVE-2004-1633 MEDIUM

process_bug.cgi in Bugzilla 2.9 through 2.18rc2 and 2.19 from CVS does not check edit permissions on the keywords field, which allows remote authenticated users to modify the keywords in a bug via the keywordaction parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.7
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
mozilla bugzilla 2.19
mozilla bugzilla 2.16.2
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.16.4
mozilla bugzilla 2.9
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.17.6
CVE-2004-1634 MEDIUM

show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup feature and exporting a bug to XML, shows comments and attachment summaries which are marked as private, which allows remote attackers to gain sensitive information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.7
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.8
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
mozilla bugzilla 2.16.4
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.17.6
CVE-2004-1753 LOW

The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape navigator 7.2
netscape navigator 7.1
mozilla firefox 0.9.3
mozilla mozilla 1.7.2
CVE-2004-2225 MEDIUM

Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox preview_release
mozilla firefox 0.9.3
mozilla firefox 0.9.1
mozilla firefox 0.10
mozilla firefox 0.9.2
CVE-2004-2226 MEDIUM

Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when HTML-Mails is enabled, allows remote attackers to determine valid e-mail addresses via an HTML e-mail that references a Cascading Style Sheets (CSS) document on the attacker's server.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 0.8
mozilla thunderbird 1.7.3
mozilla thunderbird 1.7.1
CVE-2004-2227 MEDIUM

Mozilla Firefox before 1.0 truncates long filenames in the file download dialog box, which makes it easier for remote attackers to trick users into downloading files with dangerous extensions.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox 0.9.3
mozilla firefox 0.9.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 0.9.2
CVE-2004-2657 LOW

Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list of Passwords Never Saved web sites. NOTE: The vendor has disputed this issue, stating that "The uninstaller is primarily there to uninstall the application. It is not there to uninstall user data. For the moment I will stick by my module-owner decision.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.1
CVE-2004-2659 MEDIUM

Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. NOTE: this is a different issue than CVE-2005-2407.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla mozilla -
opera opera_browser -
CVE-2005-0141 LOW

Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla mozilla 1.7.3
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla mozilla 1.7.2
mozilla firefox 0.9.1
mozilla mozilla 1.7.1
mozilla firefox 0.9.2
CVE-2005-0142 LOW

Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla thunderbird 0.8
mozilla thunderbird 0.6
mozilla mozilla 1.7.3
mozilla mozilla 1.7
mozilla mozilla 1.7.2
mozilla thunderbird 0.7
mozilla mozilla 1.7.1
CVE-2005-0143 LOW

Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.5.1
mozilla mozilla 0.9.7
mozilla mozilla 1.1
mozilla mozilla 0.9.4.1
mozilla mozilla 0.9.48
mozilla mozilla 1.3.1
mozilla firefox 0.9.2
mozilla mozilla 1.4.4
mozilla mozilla 0.9.3
mozilla mozilla 1.7
mozilla mozilla 1.2.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.0
mozilla mozilla *
mozilla mozilla 0.9.9
mozilla mozilla 0.9.8
mozilla mozilla 1.7.3
mozilla mozilla 0.9.5
mozilla mozilla 0.9.6
mozilla mozilla 1.0.1
mozilla mozilla 0.9.2
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla mozilla 1.0.2
mozilla mozilla 0.8
mozilla mozilla 0.9.4
mozilla mozilla 1.8
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 0.9.35
mozilla mozilla 1.2
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla mozilla 1.4.2
CVE-2005-0144 LOW

Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla mozilla 1.7.3
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla mozilla 1.7.2
mozilla firefox 0.9.1
mozilla mozilla 1.7.1
mozilla firefox 0.9.2
CVE-2005-0145 LOW

Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 0.9.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 0.9.2
CVE-2005-0146 MEDIUM

Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla mozilla 1.7.3
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla mozilla 1.7.2
mozilla firefox 0.9.1
mozilla mozilla 1.7.1
mozilla firefox 0.9.2
CVE-2005-0147 HIGH

Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla mozilla 1.7.3
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla mozilla 1.7.2
mozilla firefox 0.9.1
mozilla mozilla 1.7.1
mozilla firefox 0.9.2
CVE-2005-0148 MEDIUM

Thunderbird before 0.9, when running on Windows systems, uses the default handler when processing javascript: links, which invokes Internet Explorer and may expose the Thunderbird user to vulnerabilities in the version of Internet Explorer that is installed on the user's system. NOTE: since the invocation between multiple products is a common practice, and the vulnerabilities inherent in multi-product interactions are not easily enumerable, this issue might be REJECTED in the future.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 0.8
mozilla thunderbird 0.6
mozilla thunderbird 0.7
CVE-2005-0149 MEDIUM

Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers to bypass the user's intended privacy and security policy by using cookies in e-mail messages.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 0.6
mozilla mozilla 1.7.3
mozilla thunderbird 0.7.1
mozilla mozilla 1.7
mozilla thunderbird 0.9
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7
mozilla thunderbird 0.7.3
mozilla mozilla 1.7.1
CVE-2005-0150 MEDIUM

Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookmark, then executes it in the security context of the currently loaded page when the user later accesses the bookmark, which could allow remote attackers to execute arbitrary code.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 0.9.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 0.9.2
CVE-2005-0215 MEDIUM

Mozilla 1.6 and possibly other versions allows remote attackers to cause a denial of service (application crash) via a XBM (X BitMap) file with a large (1) height or (2) width value.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 1.6
CVE-2005-0230 MEDIUM

Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files that can still be parsed by the Windows batch file parser, aka "firedragging."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0
CVE-2005-0231 LOW

Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0
CVE-2005-0232 LOW

Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain screen position, aka "Fireflashing."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0
CVE-2005-0233 HIGH

The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla mozilla *
opera opera_browser *
mozilla camino 0.8.5
mozilla firefox 1.0
omnigroup omniweb 5
opera_software opera_web_browser 7.54
CVE-2005-0238 MEDIUM

The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
gnome epiphany *
opera opera_browser *
mozilla camino 0.8.5
omnigroup omniweb 5
CVE-2005-0255 MEDIUM

String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla mozilla 1.7.3
mozilla thunderbird 0.4
mozilla thunderbird 0.1
mozilla thunderbird 0.7
mozilla thunderbird 0.3
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 0.6
mozilla firefox 1.0
mozilla thunderbird 0.9
mozilla thunderbird 0.2
CVE-2005-0399 MEDIUM

Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla mozilla 1.3
mozilla mozilla 1.5.1
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla thunderbird 0.5
mozilla firefox 0.9.2
mozilla thunderbird 0.8
mozilla mozilla 1.7
mozilla thunderbird 0.9
mozilla firefox 0.10.1
mozilla thunderbird 0.2
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla thunderbird 0.1
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla thunderbird 0.7
mozilla thunderbird 0.3
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla thunderbird 0.6
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
CVE-2005-0401 MEDIUM

FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-0402 LOW

Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox 1.0.2
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 0.9.2
CVE-2005-0527 MEDIUM

Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0
CVE-2005-0578 LOW

Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin temporary directory, which allows local users to delete arbitrary files of other users via a symlink attack on the plugtmp directory.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-0584 LOW

Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-0585 LOW

Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-0586 LOW

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to spoof the extensions of files to download via the Content-Disposition header, which could be used to trick users into downloading dangerous content.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-0587 LOW

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-59,

Products Affected

Vendor Product Version
mozilla mozilla *
mozilla firefox *
CVE-2005-0588 MEDIUM

Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-0589 MEDIUM

The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an input control that monitors the values that are generated by the autocomplete capability.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 0.9.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 0.9.2
CVE-2005-0590 MEDIUM

The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla mozilla 1.3
mozilla mozilla 1.5.1
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla thunderbird 0.5
mozilla firefox 0.9.2
mozilla thunderbird 0.8
mozilla mozilla 1.7
mozilla thunderbird 0.9
mozilla firefox 0.10.1
mozilla thunderbird 0.2
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla thunderbird 0.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla thunderbird 0.7
mozilla thunderbird 0.3
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla thunderbird 0.6
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
CVE-2005-0591 LOW

Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 0.9.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 0.9.2
CVE-2005-0592 HIGH

Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-0593 LOW

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake is completed, or (3) a URL that generates an HTTP 204 error, which updates the icon and location information but does not change the display of the original site.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-0752 HIGH

The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox 1.0.2
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 0.9.2
CVE-2005-0989 MEDIUM

The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 1.0.2
netscape navigator 7.2
mozilla firefox 1.0.1
mozilla mozilla 1.7.6
CVE-2005-1153 HIGH

Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-1154 HIGH

Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-1155 HIGH

The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary code via a <LINK rel="icon"> tag with a javascript: URL in the href attribute, aka "Firelinking."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-1156 HIGH

Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
netscape navigator 7.2
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-1157 HIGH

Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute malicious script, aka "Firesearching 2."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
netscape navigator 7.2
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-1158 MEDIUM

Multiple "missing security checks" in Firefox before 1.0.3 allow remote attackers to inject arbitrary Javascript into privileged pages using the _search target of the Firefox sidebar.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.9
mozilla firefox 0.8
mozilla firefox 1.0.2
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 0.9.2
CVE-2005-1159 HIGH

The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-1160 MEDIUM

The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla mozilla 1.7.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
CVE-2005-1476 MEDIUM

Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript in other domains by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrary code execution when combined with CVE-2005-1477.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2005-1477 MEDIUM

The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as CVE-2005-1476, as demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.3
CVE-2005-1531 HIGH

Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla *
mozilla mozilla 1.7.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla firefox 1.0.3
mozilla mozilla 1.4.1
mozilla mozilla 1.7
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.7
CVE-2005-1532 HIGH

Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla firefox 0.9.2
mozilla firefox 1.0.3
mozilla mozilla 1.7
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla mozilla 1.7.7
CVE-2005-1563 MEDIUM

Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different error message depending on whether a product exists or not, which allows remote attackers to determine hidden products.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.16.7
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.16.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.16.9
mozilla bugzilla 2.18
mozilla bugzilla 2.14.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.16.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 2.19.1
mozilla bugzilla 2.19.2
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.16.8
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
CVE-2005-1564 HIGH

post_bug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows remote authenticated users to "enter bugs into products that are closed for bug entry" by modifying the URL to specify the name of the product.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.7
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
mozilla bugzilla 2.16.2
mozilla bugzilla 2.19.2
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.16.4
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.19.1
mozilla bugzilla 2.17.6
CVE-2005-1565 MEDIUM

Bugzilla 2.17.1 through 2.18, 2.19.1, and 2.19.2, when a user is prompted to log in while attempting to view a chart, displays the password in the URL, which may allow local users to gain sensitive information from web logs or browser history.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.7
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
mozilla bugzilla 2.16.2
mozilla bugzilla 2.19.2
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.16.4
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17
mozilla bugzilla 2.14
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.17.1
mozilla bugzilla 2.16
mozilla bugzilla 2.19.1
mozilla bugzilla 2.17.6
CVE-2005-1575 MEDIUM

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0
mozilla firefox 0.10.1
CVE-2005-1576 LOW

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0
mozilla firefox 0.10.1
CVE-2005-1937 LOW

A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.3
mozilla mozilla 1.7.7
CVE-2005-2114 MEDIUM

Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that repeatedly calls an empty function.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla camino 0.8.4
mozilla mozilla 1.7.8
mozilla firefox 1.0.4
CVE-2005-2173 MEDIUM

The Flag::validate and Flag::modify functions in Bugzilla 2.17.1 to 2.18.1 and 2.19.1 to 2.19.3 do not verify that the flag ID is appropriate for the given bug or attachment ID, which allows users to change flags on arbitrary bugs and obtain a bug summary via process_bug.cgi.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17.7
mozilla bugzilla 2.19.3
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18
mozilla bugzilla 2.17.5
mozilla bugzilla 2.19
mozilla bugzilla 2.17.1
mozilla bugzilla 2.19.1
mozilla bugzilla 2.19.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.1
CVE-2005-2174 LOW

Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.17.7
mozilla bugzilla 2.19.3
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18
mozilla bugzilla 2.17.5
mozilla bugzilla 2.19
mozilla bugzilla 2.17.1
mozilla bugzilla 2.19.1
mozilla bugzilla 2.19.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.1
CVE-2005-2260 HIGH

The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be performed manually by the user.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.7.8
mozilla firefox 0.9.2
mozilla firefox 1.0.3
mozilla mozilla 1.7
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla mozilla 1.7.7
CVE-2005-2261 HIGH

Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, Netscape 8.0.2, and K-Meleon 0.9 runs XBL scripts even when Javascript has been disabled, which makes it easier for remote attackers to bypass such protection.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla mozilla 1.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla mozilla 1.7.8
mozilla thunderbird 0.5
mozilla firefox 0.9.2
mozilla thunderbird 0.8
mozilla firefox 1.0.3
mozilla mozilla 1.7
mozilla thunderbird 0.9
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla thunderbird 0.2
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla thunderbird 0.1
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 0.9.1
mozilla thunderbird 0.7
mozilla thunderbird 0.3
mozilla thunderbird 1.0.2
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla thunderbird 0.6
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla mozilla 1.7.7
CVE-2005-2262 MEDIUM

Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.3
mozilla firefox 1.0.4
CVE-2005-2263 MEDIUM

The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of the new page and results in a same origin violation.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.7.8
mozilla firefox 0.9.2
mozilla firefox 1.0.3
mozilla mozilla 1.7
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla mozilla 1.7.7
CVE-2005-2264 HIGH

Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the _search target, then injecting script into other pages via a data: URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla firefox 1.0.3
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
CVE-2005-2265 MEDIUM

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead of a string.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.7.8
mozilla firefox 0.9.2
mozilla firefox 1.0.3
mozilla mozilla 1.7
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla mozilla 1.7.7
CVE-2005-2266 MEDIUM

Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensitive information such as cookies and passwords from web sites whose child frames do not verify that they are in the same domain as their parents.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.7.8
mozilla firefox 0.9.2
mozilla firefox 1.0.3
mozilla mozilla 1.7
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla mozilla 1.7.7
CVE-2005-2267 HIGH

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9
mozilla firefox 1.0.3
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
CVE-2005-2268 LOW

Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.7.8
mozilla firefox 0.9.2
mozilla firefox 1.0.3
mozilla mozilla 1.7
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla mozilla 1.7.7
CVE-2005-2269 HIGH

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as demonstrated using an XHTML document with IMG tags with custom properties ("XHTML node spoofing").

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.7.8
mozilla firefox 0.9.2
mozilla firefox 1.0.3
mozilla mozilla 1.7
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla mozilla 1.7.7
CVE-2005-2270 HIGH

Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla mozilla 1.3
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.7.8
mozilla firefox 0.9.2
mozilla firefox 1.0.3
mozilla mozilla 1.7
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla 1.7.3
mozilla mozilla 1.6
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.5
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla mozilla 1.7.7
CVE-2005-2353 LOW

run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 1.5.0.9
CVE-2005-2395 MEDIUM

Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.4
mozilla firefox 1.0.5
CVE-2005-2429 MEDIUM

Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 2.0
CVE-2005-2602 LOW

Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
CVE-2005-2701 HIGH

Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla firefox *
mozilla firefox 1.0.3
mozilla firefox 1.0
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.10
CVE-2005-2702 HIGH

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla firefox *
mozilla firefox 1.0.3
mozilla firefox 1.0
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.10
CVE-2005-2703 MEDIUM

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla firefox *
mozilla firefox 1.0.3
mozilla firefox 1.0
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.10
CVE-2005-2704 MEDIUM

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla firefox *
mozilla firefox 1.0.3
mozilla firefox 1.0
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.10
CVE-2005-2705 HIGH

Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla firefox *
mozilla firefox 1.0.3
mozilla firefox 1.0
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.10
CVE-2005-2706 MEDIUM

Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla firefox *
mozilla firefox 1.0.3
mozilla firefox 1.0
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.10
CVE-2005-2707 MEDIUM

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla firefox *
mozilla firefox 1.0.3
mozilla firefox 1.0
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.10
CVE-2005-2871 HIGH

Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla firefox 1.0.3
mozilla firefox 1.0.2
mozilla firefox 1.5
mozilla firefox 1.0
mozilla firefox 1.0.1
mozilla firefox 1.0.4
mozilla firefox 1.0.5
CVE-2005-2968 HIGH

Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla mozilla 1.7.10
CVE-2005-3089 LOW

Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla firefox 1.0.3
mozilla firefox 1.0.2
mozilla firefox 1.0
mozilla firefox 1.0.1
mozilla firefox 1.0.4
mozilla firefox 1.0.5
CVE-2005-3138 MEDIUM

Bugzilla 2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21 allows remote attackers to obtain sensitive information such as the list of installed products via the config.cgi file, which is accessible even when the requirelogin parameter is set.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.18.2
mozilla bugzilla 2.19
mozilla bugzilla 2.19.1
mozilla bugzilla 2.19.2
mozilla bugzilla 2.18.3
mozilla bugzilla 2.21
mozilla bugzilla 2.20
mozilla bugzilla 2.19.3
mozilla bugzilla 2.18
mozilla bugzilla 2.18.1
CVE-2005-3139 MEDIUM

Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.19.1
mozilla bugzilla 2.19.2
mozilla bugzilla 2.21
mozilla bugzilla 2.20
mozilla bugzilla 2.19.3
CVE-2005-3402 LOW

The SMTP client in Mozilla Thunderbird 1.0.5 BETA, 1.0.7, and possibly other versions, does not notify users when it cannot establish a secure channel with the server, which allows remote attackers to obtain authentication information without detection via a man-in-the-middle (MITM) attack that bypasses TLS authentication or downgrades CRAM-MD5 authentication to plain authentication.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0.5
mozilla thunderbird 1.0.7
CVE-2005-3896 HIGH

Mozilla allows remote attackers to cause a denial of service (CPU consumption) via a Javascript BODY onload event that calls the window function.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla *
CVE-2005-4134 MEDIUM

Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape navigator *
k-meleon_project k-meleon 0.8
k-meleon_project k-meleon 0.8.1
mozilla firefox *
netscape navigator 7.2
netscape navigator 7.1
k-meleon_project k-meleon 0.7
k-meleon_project k-meleon 0.8.2
k-meleon_project k-meleon *
k-meleon_project k-meleon 0.7_service_pack_1
mozilla mozilla_suite *
CVE-2005-4534 HIGH

The shadow database feature (syncshadowdb) in Bugzilla 2.9 through 2.16.10 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.9
mozilla bugzilla 2.14.1
mozilla bugzilla 2.10
mozilla bugzilla 2.14
mozilla bugzilla 2.16.7
mozilla bugzilla 2.12
mozilla bugzilla 2.16.5
mozilla bugzilla 2.16.10
mozilla bugzilla 2.16.1
mozilla bugzilla 2.16.9
mozilla bugzilla 2.14.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.16.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 2.14.5
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.16.8
mozilla bugzilla 2.16.4
CVE-2005-4685 MEDIUM

Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 0.9.2.1
mozilla firefox 0.8
mozilla firefox 1.0.2
mozilla mozilla 1.5.1
mozilla mozilla 1.7.10
mozilla mozilla 0.9.4.1
mozilla mozilla 1.7.8
mozilla firefox 1.0.3
mozilla mozilla 1.4.4
mozilla mozilla 0.9.3
mozilla mozilla 1.2.1
mozilla firefox 1.0.4
mozilla mozilla 1.5
mozilla mozilla 1.7.1
mozilla mozilla m16
mozilla mozilla 0.9.9
mozilla mozilla 1.7.3
mozilla mozilla 1.0.1
mozilla mozilla m15
mozilla firefox 1.0.1
mozilla mozilla 1.7.9
mozilla mozilla 0.8
mozilla mozilla 0.9.4
mozilla mozilla 1.7.5
mozilla mozilla 0.9.35
mozilla mozilla 1.2
mozilla firefox 1.0
mozilla mozilla 1.7.7
mozilla firefox 1.0.6
mozilla mozilla 1.3
mozilla mozilla 0.9.7
mozilla mozilla 1.1
mozilla mozilla 0.9.48
mozilla firefox 1.0.5
mozilla mozilla 1.3.1
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 1.5
mozilla mozilla 1.7
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.0
mozilla firefox preview_release
mozilla mozilla 0.9.8
mozilla mozilla 0.9.5
mozilla mozilla 0.9.6
mozilla mozilla 0.9.2
mozilla mozilla 1.6
mozilla firefox 0.9.1
mozilla mozilla 1.0.2
mozilla mozilla 1.8
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla mozilla 1.7.11
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla mozilla 1.7.4
mozilla mozilla 1.7.2
mozilla mozilla 1.4.2
mozilla mozilla 1.7.12
CVE-2005-4720 MEDIUM

Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes and a corresponding large number of function calls on the stack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla firefox 1.0.7
CVE-2005-4809 MEDIUM

Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla firefox preview_release
mozilla mozilla 1.7.3
mozilla thunderbird 0.7.1
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla thunderbird 0.7
mozilla firefox 0.9.2
mozilla mozilla 1.7.6
mozilla firefox 0.9
mozilla thunderbird 0.8
mozilla mozilla 1.7.5
mozilla thunderbird 0.6
mozilla firefox 0.9.3
mozilla mozilla 1.7.4
mozilla firefox 1.0
mozilla thunderbird 0.9
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 0.10.1
mozilla thunderbird 1.0.1
mozilla firefox 0.10
CVE-2005-4874 MEDIUM

The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header or (2) arbitrary local passwords on the web server that hosts this object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla mozilla 1.7.8
CVE-2006-0236 MEDIUM

GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assisted attackers to execute arbitrary code via an attachment with a filename containing a large number of spaces ending with a dangerous extension that is not displayed by Thunderbird, along with an inconsistent Content-Type header, which could be used to trick a user into downloading dangerous content by dragging or saving the attachment.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 1.0.5
mozilla thunderbird 1.0.7
mozilla thunderbird 1.0.6
mozilla thunderbird 1.0.1
mozilla thunderbird 1.0.2
mozilla thunderbird 1.5
CVE-2006-0292 HIGH

The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 1.0.5
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 0.9
mozilla firefox 1.0.3
mozilla firefox 1.5
mozilla mozilla 1.4.1
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla mozilla 1.4
mozilla mozilla 1.5
CVE-2006-0293 HIGH

The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5
CVE-2006-0294 HIGH

Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 1.0.5
mozilla thunderbird 1.5
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 0.9
mozilla firefox 1.0.3
mozilla firefox 1.5
mozilla firefox 0.9.3
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
CVE-2006-0295 MEDIUM

Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5
mozilla seamonkey 1.0
mozilla thunderbird 1.5
CVE-2006-0296 MEDIUM

The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 1.0.5
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 0.9
mozilla firefox 1.0.3
mozilla firefox 1.5
mozilla firefox 0.9.3
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
CVE-2006-0297 MEDIUM

Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5
mozilla seamonkey 1.0
mozilla thunderbird 1.5
CVE-2006-0298 MEDIUM

The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 1.5
mozilla seamonkey 1.0
CVE-2006-0299 MEDIUM

The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5
mozilla seamonkey 1.0
mozilla thunderbird 1.5
CVE-2006-0496 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding (Cascading Style Sheets) CSS property, which does not require that the style sheet have the same origin as the web page, as demonstrated by the compromise of a large number of LiveJournal accounts.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla mozilla 1.7.3
mozilla firefox 1.0.2
mozilla mozilla 1.7.10
mozilla firefox 1.0.1
mozilla mozilla 1.7.8
mozilla firefox 1.0.5
mozilla firefox 1.0.7
mozilla mozilla 1.7.6
mozilla mozilla 1.7.11
mozilla mozilla 1.7.5
mozilla firefox 1.0.3
mozilla mozilla 1.7
mozilla firefox 1.0
mozilla mozilla 1.7.2
mozilla firefox 1.0.4
mozilla mozilla 1.7.12
mozilla mozilla 1.7.1
mozilla mozilla 1.7.7
CVE-2006-0748 HIGH

Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox preview_release
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.0.5
mozilla thunderbird 1.0.2
mozilla thunderbird 1.5
mozilla firefox 1.0.7
mozilla firefox 1.5.0.1
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey 1.0
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla thunderbird 1.0.1
CVE-2006-0749 HIGH

nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla mozilla_suite *
CVE-2006-0836 LOW

Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by tricking the user into importing an LDIF file with a long field into the address book, as demonstrated by a long homePhone field.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 1.5
CVE-2006-0884 HIGH

The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla thunderbird 0.1
mozilla thunderbird 0.7
mozilla thunderbird 0.3
mozilla thunderbird 0.5
mozilla thunderbird 1.0.2
mozilla thunderbird 0.8
mozilla thunderbird 0.6
mozilla thunderbird 1.0.5
mozilla thunderbird *
mozilla thunderbird 0.9
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.6
mozilla thunderbird 0.2
mozilla thunderbird 1.0.1
CVE-2006-0913 MEDIUM

SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whinedays parameter, as accessible from editparams.cgi.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.3
mozilla bugzilla 2.18.2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.18.3
mozilla bugzilla 2.20
mozilla bugzilla 2.19.3
mozilla bugzilla 2.21.1
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18
mozilla bugzilla 2.17.5
mozilla bugzilla 2.19
mozilla bugzilla 2.17.1
mozilla bugzilla 2.19.1
mozilla bugzilla 2.19.2
mozilla bugzilla 2.21
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.1
mozilla bugzilla 2.18.4
CVE-2006-0914 MEDIUM

Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly handle certain characters in the mostfreqthreshold parameter in duplicates.cgi, which allows remote attackers to trigger a SQL error.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla bugzilla 2.18.2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.17
mozilla bugzilla 2.18.3
mozilla bugzilla 2.16.10
mozilla bugzilla 2.20
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18
mozilla bugzilla 2.17.5
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.1
mozilla bugzilla 2.18.4
CVE-2006-0915 HIGH

Bugzilla 2.16.10 does not properly handle certain characters in the (1) maxpatchsize and (2) maxattachmentsize parameters in attachment.cgi, which allows remote attackers to trigger a SQL error.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.16.10
CVE-2006-0916 HIGH

Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes the user's browser to send the form data to another domain.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 2.21
mozilla bugzilla 2.20
mozilla bugzilla 2.19.3
mozilla bugzilla 2.21.1
mozilla bugzilla 2.21.2
CVE-2006-1045 LOW

The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 1.5
CVE-2006-1273 HIGH

Mozilla Firefox 1.0.7 and 1.5.0.1 allows remote attackers to cause a denial of service (crash) via an HTML tag with a large number of script action handlers such as onload and onmouseover, which triggers the crash when the user views the page source. NOTE: Red Hat has disputed this issue, suggesting that "It is likely the reporter was running the IE Tab extension," and Mozilla also confirmed that this is not an issue in Firefox itself

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.1
mozilla firefox 1.0.7
CVE-2006-1529 HIGH

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox preview_release
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.0.5
mozilla thunderbird 1.0.2
mozilla thunderbird 1.5
mozilla firefox 1.0.7
mozilla firefox 1.5.0.1
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey 1.0
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla thunderbird 1.0.1
CVE-2006-1530 HIGH

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
debian debian_linux 3.1
CVE-2006-1531 HIGH

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
debian debian_linux 3.1
CVE-2006-1650 MEDIUM

Firefox 1.5.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: a followup was unable to replicate this issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.1
CVE-2006-1723 HIGH

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox preview_release
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.0.5
mozilla thunderbird 1.0.2
mozilla thunderbird 1.5
mozilla firefox 1.0.7
mozilla firefox 1.5.0.1
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey 1.0
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla thunderbird 1.0.1
CVE-2006-1724 HIGH

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
debian debian_linux 3.1
mozilla mozilla_suite *
CVE-2006-1725 LOW

Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2006-1726 HIGH

Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox preview_release
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.0.5
mozilla thunderbird 1.0.2
mozilla thunderbird 1.5
mozilla firefox 1.0.7
mozilla firefox 1.5.0.1
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey 1.0
mozilla thunderbird 1.0.7
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla thunderbird 1.0.1
CVE-2006-1727 HIGH

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview".

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 5.10
canonical ubuntu_linux 5.04
canonical ubuntu_linux 4.10
mozilla mozilla_suite *
CVE-2006-1728 HIGH

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 5.10
canonical ubuntu_linux 5.04
canonical ubuntu_linux 4.10
mozilla mozilla_suite *
CVE-2006-1729 MEDIUM

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
canonical ubuntu_linux 5.10
canonical ubuntu_linux 5.04
canonical ubuntu_linux 4.10
mozilla mozilla_suite *
CVE-2006-1730 HIGH

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.12
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox 1.0.7
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla thunderbird 1.0.7
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla firefox 1.5.0.1
mozilla seamonkey 1.0
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1731 MEDIUM

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox *
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey *
mozilla thunderbird *
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1732 MEDIUM

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS) attacks via unspecified vectors involving the window.controllers array.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.0.5
mozilla thunderbird 1.0.2
mozilla thunderbird 1.5
mozilla firefox 1.0.7
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey 1.0
mozilla thunderbird 1.0.7
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla thunderbird 1.0.1
CVE-2006-1733 MEDIUM

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL method into the DOM's document.body prototype chain."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox *
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey *
mozilla thunderbird *
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1734 MEDIUM

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal function.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox *
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey *
mozilla thunderbird *
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1735 HIGH

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox *
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey *
mozilla thunderbird *
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1736 LOW

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox *
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey *
mozilla thunderbird *
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1737 HIGH

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.12
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox 1.0.7
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla thunderbird 1.0.7
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1738 MEDIUM

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.12
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox 1.0.7
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla thunderbird 1.0.7
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1739 HIGH

The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that causes an out-of-bounds array write and buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla mozilla_suite 1.7.12
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox 1.0.7
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla thunderbird 1.0.7
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1740 LOW

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox *
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey *
mozilla thunderbird *
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1741 MEDIUM

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection".

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 1.5
mozilla seamonkey *
canonical ubuntu_linux 5.10
canonical ubuntu_linux 5.04
canonical ubuntu_linux 4.10
mozilla mozilla_suite *
CVE-2006-1742 MEDIUM

The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla firefox 1.0.5
mozilla mozilla_suite 1.7.7
mozilla thunderbird 1.5
mozilla firefox *
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla seamonkey *
mozilla thunderbird *
mozilla mozilla_suite 1.7.6
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla mozilla_suite *
mozilla mozilla_suite 1.7.8
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla thunderbird 1.0.2
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla mozilla_suite 1.7.11
mozilla thunderbird 1.0.1
mozilla mozilla_suite 1.7.10
CVE-2006-1790 HIGH

A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 1.0.7
CVE-2006-1901 MEDIUM

Mozilla Camino 1.0 and earlier allow remote attackers to cause a denial of service (null dereference and application crash or hang) via HTML with certain improperly nested elements. NOTE: this might be the same issue as CVE-2006-1724.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla camino 0.8.4
mozilla camino 0.9
mozilla camino 0.4
mozilla camino 0.6
mozilla camino 0.8.2
mozilla camino 0.3
mozilla camino 1.0
mozilla camino 0.5
mozilla camino 0.7
mozilla camino 0.8.1
mozilla camino 0.1
mozilla camino 0.8
mozilla camino 0.2
mozilla camino 0.8.3
CVE-2006-1942 MEDIUM

Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape navigator 8.1
netscape navigator 7.2
netscape navigator 8.0.40
k-meleon_project k-meleon 0.9.13
mozilla firefox 1.5.0.2
CVE-2006-1993 MEDIUM

Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.2
CVE-2006-2057 MEDIUM

Argument injection vulnerability in Mozilla Firefox 1.0.6 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an arbitrary filename as an attachment. NOTE: it is not clear whether this issue is implementation-specific or a problem in the Microsoft API.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-88,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
CVE-2006-2332 LOW

Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a large number of IMG elements in which the SRC attribute is a mailto URI. NOTE: another researcher found that the web page caused a temporary browser slowdown instead of a crash.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.3
CVE-2006-2420 MEDIUM

Bugzilla 2.20rc1 through 2.20 and 2.21.1, when using RSS 1.0, allows remote attackers to conduct cross-site scripting (XSS) attacks via a title element with HTML encoded sequences such as "&gt;", which are automatically decoded by some RSS readers. NOTE: this issue is not in Bugzilla itself, but rather due to design or documentation inconsistencies within RSS, or implementation vulnerabilities in RSS readers. While this issue normally would not be included in CVE, it is being identified since the Bugzilla developers have addressed it.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 2.21
mozilla bugzilla 2.20
mozilla bugzilla 2.21.1
CVE-2006-2538 LOW

IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (application crash), possibly due to a null dereference, via certain Javascript, as demonstrated using a url parameter to the content/reloaded.html page in a chrome:// URI. Some third-party researchers claim that they are unable to reproduce this vulnerability.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ie_tab ie_tab 1.0.9
mozilla firefox 1.5.0.3
CVE-2006-2613 MEDIUM

Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1, and possibly other versions and products, allows remote user-assisted attackers to obtain information such as the installation path by causing exceptions to be thrown and checking the message contents.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.1
netscape navigator 8.1
netscape navigator 7.2
mozilla mozilla_suite 1.7.13
mozilla firefox 1.5.0.2
mozilla firefox 1.5.0.3
CVE-2006-2723 MEDIUM

Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 2.0
CVE-2006-2775 HIGH

Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla firefox 1.0.5
mozilla firefox 1.5.0.2
mozilla thunderbird 0.5
mozilla thunderbird 1.5
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla thunderbird 0.8
mozilla firefox *
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla thunderbird *
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla firefox 0.10.1
mozilla thunderbird 0.2
mozilla firefox 0.10
mozilla thunderbird 0.1
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 0.9.1
mozilla thunderbird 0.7
mozilla thunderbird 0.3
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
CVE-2006-2776 HIGH

Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla firefox 1.0.5
mozilla firefox 1.5.0.2
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla thunderbird 1.5
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla thunderbird 0.8
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla firefox 0.10.1
mozilla thunderbird 0.2
mozilla firefox 0.10
mozilla thunderbird 0.1
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 0.9.1
mozilla thunderbird 0.7
mozilla thunderbird 0.3
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 0.9.3
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
CVE-2006-2777 HIGH

Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to execute arbitrary code by using the nsISelectionPrivate interface of the Selection object to add a SelectionListener and create notifications that are executed in a privileged context.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 1.0.5
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox *
mozilla firefox 1.0.3
mozilla firefox 1.5
mozilla seamonkey *
mozilla firefox 0.9.3
mozilla seamonkey 1.0
mozilla firefox 1.0
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
CVE-2006-2778 MEDIUM

The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2006-2779 HIGH

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox 1.0.2
mozilla firefox 1.5.1
mozilla firefox 1.5.3
mozilla thunderbird 0.7.1
mozilla firefox 1.0.5
mozilla thunderbird 1.5.2
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla thunderbird 0.8
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla firefox 1.0.8
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox preview_release
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla thunderbird 0.7
mozilla thunderbird 1.0.2
mozilla thunderbird 1.5.1
mozilla thunderbird 1.0.8
mozilla firefox 0.9
mozilla thunderbird 0.6
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
CVE-2006-2780 HIGH

Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2006-2781 MEDIUM

Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey *
mozilla thunderbird *
CVE-2006-2782 MEDIUM

Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2006-2783 MEDIUM

Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2006-2784 MEDIUM

The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2006-2785 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2006-2786 LOW

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2006-2787 HIGH

EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.0.6
mozilla thunderbird 1.0
mozilla firefox preview_release
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.0.5
mozilla thunderbird 1.0.2
mozilla thunderbird 1.5
mozilla firefox 1.0.7
mozilla firefox 1.5.0.1
mozilla firefox 1.0.3
mozilla thunderbird 1.0.5
mozilla firefox 1.5
mozilla thunderbird 1.0.7
mozilla firefox 1.0
mozilla thunderbird 1.0.4
mozilla firefox 1.0.4
mozilla thunderbird 1.0.6
mozilla thunderbird 1.0.1
CVE-2006-2788 HIGH

Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla firefox preview_release
mozilla firefox 1.0.2
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 1.0.5
mozilla firefox 1.5.0.2
mozilla firefox 1.5.0.3
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 1.0.3
mozilla firefox 1.5
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
CVE-2006-2894 MEDIUM

Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
netscape navigator *
mozilla firefox 1.5.0.4
mozilla firefox *
mozilla seamonkey *
mozilla mozilla_suite 1.7.13
mozilla seamonkey 1.0.2
CVE-2006-3352 MEDIUM

Cross-domain vulnerability in Mozilla Firefox allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object. NOTE: this description was based on a report that has since been retracted by the original authors. The authors misinterpreted their test results. Other third parties also disputed the original report. Therefore, this is not a vulnerability. It is being assigned a candidate number to provide a clear indication of its status

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla firefox 1.5.0.4
mozilla firefox 1.0.2
mozilla firefox 1.5.1
mozilla firefox 1.5.3
mozilla firefox 1.0.5
mozilla firefox 1.5.0.2
mozilla firefox 1.5.0.3
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 1.0.3
mozilla firefox 1.5
mozilla firefox 1.0.8
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox preview_release
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.9.3
mozilla firefox 2.0
mozilla firefox 1.0
CVE-2006-3731 LOW

Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third party has claimed that this issue might be related to the LiveHTTPHeaders extension.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.1
mozilla firefox 1.5.0.4
mozilla firefox 1.5
mozilla firefox 1.5.0.2
mozilla firefox 1.5.0.3
CVE-2006-4253 HIGH

Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla firefox 1.5.0.4
mozilla firefox 1.0.2
mozilla firefox 1.5.0.6
mozilla firefox 1.0.5
mozilla firefox 1.5.0.2
mozilla firefox 1.5.0.3
mozilla firefox 0.9.2
mozilla firefox 1.0.7
netscape navigator 8.1
mozilla firefox 1.0.3
mozilla firefox 1.5
mozilla firefox 1.0.8
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.0.5
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.9.3
mozilla firefox 1.0
k-meleon_project k-meleon 1.0.1
CVE-2006-4340 MEDIUM

Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla network_security_services *
CVE-2006-4561 HIGH

Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary JavaScript in the context of the browser's session with an arbitrary intranet web server, by hosting script on an Internet web server that can be made inaccessible by the attacker and that has a domain name under the attacker's control, which can force the browser to drop DNS pinning and perform a new DNS query for the domain name after the script is already running.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.6
CVE-2006-5159 HIGH

Stack-based buffer overflow in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving JavaScript. NOTE: the vendor and original researchers have released a follow-up comment disputing the severity of this issue, in which the researcher states that "we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this... I have not succeeded in making this code do anything more than cause a crash and eat up system resources"

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla firefox 1.5.4
mozilla firefox 1.0.2
mozilla firefox 1.5.3
mozilla firefox 1.5.6
mozilla firefox 1.0.5
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 1.0.3
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 1.0.8
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox preview_release
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 2.0
mozilla firefox 1.0
mozilla firefox 1.5.7
CVE-2006-5160 HIGH

Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.0.6
mozilla firefox 1.5.4
mozilla firefox 1.0.2
mozilla firefox 1.5.3
mozilla firefox 1.5.6
mozilla firefox 1.0.5
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 1.0.3
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 1.0.8
mozilla firefox 1.0.4
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox preview_release
mozilla firefox 1.0.1
mozilla firefox 0.9.1
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 2.0
mozilla firefox 1.0
mozilla firefox 1.5.7
CVE-2006-5783 HIGH

Firefox 1.5.0.7 on Kubuntu Linux allows remote attackers to cause a denial of service (crash) via a long URL in an A tag. NOTE: this issue has been disputed by several vendors, who could not reproduce the report. In addition, the scope of the impact - system freeze - suggests an issue that is not related to Firefox. Due to this impact, CVE concurs with the dispute

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.7
CVE-2006-6499 MEDIUM

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,

Products Affected

Vendor Product Version
debian debian_linux 4.0
mozilla firefox *
canonical ubuntu_linux 6.06
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 6.10
canonical ubuntu_linux 5.10
debian debian_linux 3.1
CVE-2006-6971 MEDIUM

Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer format, which is not captured by the blacklist filter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 2.0.0.1
CVE-2007-3511 MEDIUM

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla seamonkey 1.0.99
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0.4
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.2
mozilla firefox 2.0.0.5
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla seamonkey *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.0
mozilla seamonkey 1.0.3
mozilla seamonkey 1.0.5
mozilla firefox 1.5.0.12
mozilla firefox 2.0.0.4
mozilla seamonkey 1.0.1
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1
CVE-2007-3657 MEDIUM

Mozilla Firefox 2.0.0.4 allows remote attackers to cause a denial of service by opening multiple tabs in a popup window. NOTE: this issue has been disputed by third party researchers, stating that "this does not crash on me, and I can't see a likely mechanism of action that would lead to a DoS condition.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 2.0.0.4
CVE-2007-3845 HIGH

Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor states that "it is still possible to launch a filetype handler based on extension rather than the registered protocol handler."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.5
mozilla firefox 2.0.0.5
CVE-2007-5339 MEDIUM

Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
CVE-2007-5340 MEDIUM

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
CVE-2007-5341 HIGH

Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2007-5960 MEDIUM

Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protection schemes by setting window.location and using a modal alert dialog that causes the wrong Referer to be sent.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 2.0.0.6
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 1.0.3
mozilla seamonkey *
mozilla firefox 1.0.8
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 1.5.0.11
mozilla firefox 1.5.0.5
mozilla firefox 2.0.0.7
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 1.5.0.7
mozilla firefox 1.8
mozilla firefox 2.0
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.0.6
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 1.5.3
mozilla firefox 1.0.5
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 0.9.1
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 1.5.7
CVE-2008-0412 HIGH

The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
CVE-2008-0413 HIGH

The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
CVE-2008-0414 MEDIUM

Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka "focus spoofing."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2008-0415 MEDIUM

Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
CVE-2008-0416 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including (1) a backspace character that is treated as whitespace, (2) 0x80 with Shift_JIS encoding, and (3) "zero-length non-ASCII sequences" in certain Asian character sets.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
CVE-2008-1238 MEDIUM

Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2008-1380 HIGH

The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 2.0.0.8
mozilla firefox 2.0.0.6
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox *
mozilla firefox 2.0.0.9
mozilla seamonkey *
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.4
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.2
mozilla thunderbird 2.0.0.9
mozilla seamonkey 1.0.99
mozilla firefox 2.0.0.12
mozilla seamonkey 1.0.7
mozilla firefox 2.0.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.3
mozilla seamonkey 1.0.6
mozilla thunderbird 2.0.0.1
mozilla firefox 2.0.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.4
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1
CVE-2008-3836 HIGH

feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla firefox 1.0.3
mozilla firefox 1.0.8
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 1.5.0.11
mozilla firefox 1.5.0.5
mozilla firefox 2.0.0.12
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 1.5.0.7
mozilla firefox 1.8
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 1.0
mozilla firefox 0.9_rc
mozilla firefox 1.0.6
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 1.5.3
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.11
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox *
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 0.9.1
mozilla firefox 2.0.0.10
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.1
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 1.5.7
CVE-2008-5012 MEDIUM

Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 2.0.0.15
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla thunderbird 2.0.0.4
mozilla firefox 1.5.0.11
mozilla firefox 1.5.0.5
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla thunderbird 1.0.6
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 2.0.0.10
mozilla thunderbird 2.0.0.0
mozilla thunderbird 1.5.0.9
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 1.0.8
mozilla thunderbird 1.7.3
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla seamonkey 1.0.99
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.7
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 1.8
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.11
mozilla thunderbird 1.5.0.7
mozilla firefox 0.9_rc
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla thunderbird 1.5.2
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 0.9.2
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla firefox 0.9.1
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla firefox 1.5.7
mozilla seamonkey 1.1.8
CVE-2008-5016 MEDIUM

The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other consequences.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla seamonkey 1.1.11
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.4
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.1
mozilla thunderbird 2.0.0.9
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla seamonkey 1.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla seamonkey 1.1
CVE-2008-5019 MEDIUM

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 4.0
canonical ubuntu_linux 8.04
mozilla firefox *
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.10
canonical ubuntu_linux 7.10
CVE-2008-5021 HIGH

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-362,

Products Affected

Vendor Product Version
suse linux_enterprise_debuginfo 10
debian debian_linux 4.0
canonical ubuntu_linux 8.04
canonical ubuntu_linux 6.06
suse linux_enterprise_software_development_kit 10
suse linux_enterprise_server 9
opensuse opensuse 10.2
canonical ubuntu_linux 8.10
novell open_enterprise_server -
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
opensuse opensuse 10.3
fedoraproject fedora 8
novell linux_desktop 9
canonical ubuntu_linux 7.10
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
fedoraproject fedora 9
opensuse opensuse 11.0
CVE-2008-5504 HIGH

Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 2.0.0.8
mozilla firefox 2.0.0.15
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.7
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.10
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.16
mozilla firefox 2.0.0.3
mozilla firefox *
mozilla firefox 2.0.0.9
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 2.0.0.4
CVE-2008-5511 MEDIUM

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an "unloaded document."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 4.0
canonical ubuntu_linux 8.04
mozilla firefox *
canonical ubuntu_linux 6.06
debian debian_linux 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 8.10
canonical ubuntu_linux 7.10
CVE-2008-5513 MEDIUM

Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown vectors related to restoration of SessionStore data.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 4.0
canonical ubuntu_linux 8.04
mozilla firefox *
debian debian_linux 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 8.10
canonical ubuntu_linux 7.10
CVE-2008-7292 LOW

Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 2.22.1
mozilla bugzilla 2.22
mozilla bugzilla 2.20.1
mozilla bugzilla 2.20
mozilla bugzilla 2.20.4
mozilla bugzilla 2.22.2
mozilla bugzilla 3.0
mozilla bugzilla 3.0.2
mozilla bugzilla 2.20.3
mozilla bugzilla 3.0.1
mozilla bugzilla 2.20.2
CVE-2008-7293 MEDIUM

Mozilla Firefox before 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 3.5.16
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.5.1
mozilla firefox 3.0.15
mozilla firefox 3.6.17
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 3.5.19
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2009-0354 LOW

Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors involving a chrome XBL method and the window.eval function.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 3.0.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 3.0.5
mozilla firefox 3.0.4
mozilla firefox 3.0.1
CVE-2009-0356 MEDIUM

Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a Desktop Entry section of a .desktop file, related to representation of about: URIs as jar:file:// URIs. NOTE: this issue exists because of an incomplete fix for CVE-2008-4582.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.5.0.4
mozilla firefox 2.0_.10
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 2.0.0.6
mozilla firefox 1.5.0.6
mozilla firefox 2.0.0.17
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 1.0.3
mozilla firefox 1.0.8
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.7
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 2.0_.7
mozilla firefox 1.8
mozilla firefox 0.2
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 1.0
mozilla firefox 2.0_.5
mozilla firefox 2.0.0.4
mozilla firefox 2.0_.1
mozilla firefox 2.0.0.8
mozilla firefox 0.9_rc
mozilla firefox 1.0.6
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.5.3
mozilla firefox 2.0_.9
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 1.5.0.2
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox *
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 0.6.1
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 0.9.1
mozilla firefox 2.0.0.10
mozilla firefox 2.0_.4
mozilla firefox 0.9
mozilla firefox 2.0_.6
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 3.0.2
mozilla firefox 1.5.7
mozilla firefox 3.0
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla firefox 2.0_8
CVE-2009-0581 MEDIUM

Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401,

Products Affected

Vendor Product Version
mozilla firefox 3.1
sun openjdk *
gimp gimp *
littlecms little_cms *
CVE-2009-0723 HIGH

Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
mozilla firefox 3.1
sun openjdk *
gimp gimp *
littlecms little_cms *
CVE-2009-0733 HIGH

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox 3.1
sun openjdk *
gimp gimp *
littlecms little_cms *
CVE-2009-0771 HIGH

The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 2.0.0.6
mozilla firefox 1.5.0.6
mozilla firefox 2.0.0.17
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 1.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla firefox 1.0.8
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.7
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla seamonkey 1.1.2
mozilla firefox 1.5.0.7
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla firefox 1.0
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.0.6
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 3.0.5
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 1.5.0.12
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla firefox 2.0.0.10
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
CVE-2009-1308 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 1.5.0.4
mozilla firefox 2.0_.10
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 2.0.0.6
mozilla firefox 1.5.0.6
mozilla firefox 2.0.0.17
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 1.0.3
mozilla seamonkey *
mozilla firefox 3.0.6
mozilla firefox 1.0.8
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.7
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 2.0_.7
mozilla firefox 1.8
mozilla firefox 0.2
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 1.0
mozilla firefox 2.0_.5
mozilla firefox 2.0.0.20
mozilla firefox 2.0.0.4
mozilla firefox 2.0_.1
mozilla firefox 2.0.0.8
mozilla firefox 0.9_rc
mozilla firefox 1.0.6
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.5.3
mozilla firefox 2.0_.9
mozilla firefox 3.0.5
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 1.5.0.2
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 0.9.2
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 2.0.0.19
mozilla firefox *
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.8
mozilla firefox 0.6.1
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 0.9.1
mozilla firefox 3.0beta5
mozilla firefox 2.0.0.10
mozilla firefox 3.0.7
mozilla firefox 2.0_.4
mozilla firefox 0.9
mozilla firefox 2.0_.6
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 3.0.2
mozilla firefox 2.0.0.21
mozilla firefox 1.5.7
mozilla firefox 3.0
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla firefox 2.0_8
CVE-2009-1313 HIGH

The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.0.9
CVE-2009-1571 HIGH

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 3.0.6
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.1
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.11
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2009-1837 HIGH

Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for memory associated with a destroyed Java object.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-362,CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 5.0
redhat enterprise_linux 5.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_eus 5.3
redhat enterprise_linux_desktop 4.0
redhat enterprise_linux_workstation 4.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_aus 5.3
redhat enterprise_linux 4.0
fedoraproject fedora 10
redhat enterprise_linux_eus 4.8
redhat enterprise_linux_server 4.0
fedoraproject fedora 9
CVE-2009-2408 MEDIUM

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
canonical ubuntu_linux 8.04
debian debian_linux 5.0
suse linux_enterprise_server 9
canonical ubuntu_linux 8.10
opensuse opensuse *
canonical ubuntu_linux 9.04
mozilla network_security_services *
suse linux_enterprise 11.0
suse linux_enterprise 10.0
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
CVE-2009-2409 MEDIUM

The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
gnu gnutls 1.1.15
gnu gnutls 2.4.0
gnu gnutls 2.6.0
gnu gnutls 1.0.17
gnu gnutls 2.3.3
gnu gnutls 1.5.4
gnu gnutls 1.7.13
mozilla nss 3.11.7
gnu gnutls 1.7.16
gnu gnutls 1.3.4
gnu gnutls 1.7.0
gnu gnutls 2.0.2
gnu gnutls 1.5.5
openssl openssl 0.9.8j
mozilla nss 3.11.8
gnu gnutls 2.5.0
mozilla nss 3.4
gnu gnutls 1.7.2
gnu gnutls 2.3.7
gnu gnutls 2.1.2
gnu gnutls 2.1.6
mozilla nss 3.12.1
gnu gnutls 1.7.17
gnu gnutls 1.7.6
gnu gnutls 1.1.13
gnu gnutls 1.2.1
gnu gnutls 2.1.3
gnu gnutls 1.4.0
gnu gnutls 1.7.3
gnu gnutls 1.7.11
gnu gnutls 2.0.1
mozilla nss 3.2
gnu gnutls 1.2.6
gnu gnutls 1.3.5
gnu gnutls 2.3.10
gnu gnutls 2.3.11
mozilla nss 3.3.1
gnu gnutls 1.3.1
gnu gnutls 1.0.24
gnu gnutls 1.1.19
gnu gnutls 1.4.2
gnu gnutls 1.0.23
gnu gnutls 1.5.2
gnu gnutls 1.7.9
gnu gnutls 2.2.5
mozilla nss *
gnu gnutls 1.2.8
gnu gnutls 2.0.0
gnu gnutls 2.6.2
gnu gnutls 1.7.7
mozilla nss 3.4.3
gnu gnutls 2.1.8
mozilla nss 3.5
gnu gnutls 2.0.3
gnu gnutls 2.3.4
gnu gnutls 1.5.3
gnu gnutls 1.0.20
mozilla nss 3.10
gnu gnutls 2.7.4
gnu gnutls 2.1.4
gnu gnutls 2.4.1
gnu gnutls 2.2.3
gnu gnutls 2.2.1
gnu gnutls 1.1.14
mozilla nss 3.3
gnu gnutls 1.7.8
openssl openssl 0.9.8k
mozilla nss 3.9
gnu gnutls 1.1.17
gnu gnutls 2.1.0
gnu gnutls 2.3.9
gnu gnutls 2.1.5
mozilla nss 3.7.3
gnu gnutls 1.4.3
gnu gnutls 1.0.25
mozilla nss 3.4.1
mozilla nss 3.11.2
gnu gnutls 2.2.2
mozilla nss 3.9.5
gnu gnutls 1.7.19
gnu gnutls 2.3.6
gnu gnutls 2.1.7
mozilla nss 3.0
mozilla nss 3.7.7
gnu gnutls 1.6.3
mozilla nss 3.8
mozilla nss 3.3.2
mozilla nss 3.7
gnu gnutls 1.7.15
mozilla nss 3.7.1
mozilla nss 3.7.2
gnu gnutls 1.0.18
gnu gnutls 1.7.10
gnu gnutls 2.3.5
gnu gnutls 1.7.1
gnu gnutls 1.0.22
gnu gnutls 1.2.5
gnu gnutls 1.2.2
gnu gnutls 1.3.0
mozilla network_security_services *
gnu gnutls 1.2.3
gnu gnutls 1.3.3
mozilla nss 3.6
gnu gnutls 1.1.21
gnu gnutls 2.4.2
gnu gnutls 2.3.0
gnu gnutls 1.3.2
gnu gnutls 1.5.1
openssl openssl 0.9.8a
gnu gnutls 1.0.19
gnu gnutls 1.2.11
openssl openssl 0.9.8c
openssl openssl 0.9.8f
mozilla nss 3.7.5
gnu gnutls 1.2.9
openssl openssl 0.9.8e
gnu gnutls 1.4.1
openssl openssl 0.9.8d
openssl openssl 0.9.8g
gnu gnutls 1.1.22
gnu gnutls 1.4.4
gnu gnutls 2.1.1
gnu gnutls 2.2.0
openssl openssl 0.9.8h
mozilla nss 3.2.1
gnu gnutls 1.2.0
gnu gnutls 1.7.12
gnu gnutls 1.1.16
gnu gnutls 1.0.16
gnu gnutls 1.5.0
gnu gnutls 2.3.1
openssl openssl 0.9.8i
gnu gnutls 1.1.20
mozilla nss 3.6.1
gnu gnutls 1.0.21
gnu gnutls 1.7.14
mozilla firefox *
gnu gnutls 1.2.7
mozilla nss 3.11.4
gnu gnutls 1.7.4
gnu gnutls 1.6.2
gnu gnutls 1.1.18
gnu gnutls 1.6.1
gnu gnutls 1.2.4
gnu gnutls 1.4.5
gnu gnutls 1.6.0
gnu gnutls 1.2.10
gnu gnutls 2.2.4
openssl openssl 0.9.8b
gnu gnutls 1.1.23
gnu gnutls 1.2.8.1a1
gnu gnutls 2.3.8
gnu gnutls *
gnu gnutls 2.6.1
mozilla nss 3.4.2
mozilla nss 3.12
openssl openssl *
gnu gnutls 1.7.5
openssl openssl 0.9.8
gnu gnutls 2.0.4
gnu gnutls 2.3.2
gnu gnutls 1.7.18
CVE-2009-2466 HIGH

The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2) JS_HashTableRawLookup, and (3) MirrorWrappedNativeParent and js_LockGCThingRT.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2009-3010 MEDIUM

Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and earlier do not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains JavaScript sequences in a data:text/html URI or (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Refresh header. NOTE: in some product versions, the JavaScript executes outside of the context of the HTTP site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla mozilla *
mozilla firefox *
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.17
mozilla firefox 3.7
CVE-2009-3274 MEDIUM

Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 2.0.0.8
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 3.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.16
mozilla firefox 2.0.0.19
mozilla firefox 2.0.0.3
mozilla firefox 3.5.2
mozilla firefox 2.0.0.9
mozilla firefox 3.0.6
mozilla firefox 3.0.11
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 3.0.1
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 3.5.1
mozilla firefox 3.0.4
mozilla firefox 2.0.0.10
mozilla firefox 3.0.7
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 2.0.0.20
mozilla firefox 2.0.0.4
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2009-3385 HIGH

The mail component in Mozilla SeaMonkey before 1.1.19 does not properly restrict execution of scriptable plugin content, which allows user-assisted remote attackers to obtain sensitive information via crafted content in an IFRAME element in an HTML e-mail message, as demonstrated by a Flash object that sends arbitrary local files during a reply or forward operation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla seamonkey 1.1.17
mozilla seamonkey 1.1.11
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.1
mozilla seamonkey *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.4
mozilla seamonkey 1.0.3
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.2
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.3
mozilla seamonkey 1.0.6
mozilla seamonkey 1.1.13
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 1.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
CVE-2009-3387 MEDIUM

Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote attackers to obtain sensitive information via a request for a bug in opportunistic circumstances.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla bugzilla 3.4.4
mozilla bugzilla 3.5.1
mozilla bugzilla 3.4.1
mozilla bugzilla 3.3.2
mozilla bugzilla 3.3.3
mozilla bugzilla 3.3.1
mozilla bugzilla 3.4
mozilla bugzilla 3.4.2
mozilla bugzilla 3.5.2
mozilla bugzilla 3.3.4
CVE-2009-3555 MEDIUM

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
debian debian_linux 4.0
canonical ubuntu_linux 8.04
debian debian_linux 5.0
apache http_server *
canonical ubuntu_linux 8.10
gnu gnutls *
canonical ubuntu_linux 9.04
fedoraproject fedora 11
canonical ubuntu_linux 9.10
openssl openssl *
canonical ubuntu_linux 10.10
debian debian_linux 7.0
fedoraproject fedora 14
f5 nginx *
debian debian_linux 8.0
mozilla nss *
openssl openssl 1.0
fedoraproject fedora 12
fedoraproject fedora 13
CVE-2009-3988 MEDIUM

Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 3.0.3
mozilla firefox 3.5.7
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.5.6
mozilla firefox 3.0.6
mozilla firefox 3.0.11
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 3.0.1
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.5
mozilla firefox 3.5.1
mozilla firefox 3.0.4
mozilla firefox 3.0.7
mozilla firefox 3.0.15
mozilla firefox 3.5.3
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2009-3989 MEDIUM

Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and 3.5.x before 3.5.3 does not block access to files and directories that are used by custom installations, which allows remote attackers to obtain sensitive information via requests for (1) CVS/, (2) contrib/, (3) docs/en/xml/, (4) t/, or (5) old-params.txt.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.4.1
mozilla bugzilla 3.2.5
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 3.4.2
mozilla bugzilla 2.16.11
mozilla bugzilla 2.2
mozilla bugzilla 2.20.3
mozilla bugzilla 2.22.6
mozilla bugzilla 2.14.5
mozilla bugzilla 2.22.5
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 2.18.8
mozilla bugzilla 2.18.9
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla *
mozilla bugzilla 3.5.2
mozilla bugzilla 2.16.9
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 2.22
mozilla bugzilla 2.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 2.16.1
mozilla bugzilla 2.14.4
mozilla bugzilla 3.0.3
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 3.5
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.4
mozilla bugzilla 3.4.4
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.12
mozilla bugzilla 2.18.6
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 2.14.3
mozilla bugzilla 3.0.8
mozilla bugzilla 2.22.7
mozilla bugzilla 2.20.7
mozilla bugzilla 2.20.2
mozilla bugzilla 2.16.8
mozilla bugzilla 2.18.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
CVE-2009-4629 MEDIUM

Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other applications, performs DNS prefetching even when the app type is APP_TYPE_MAIL or APP_TYPE_EDITOR, which makes it easier for remote attackers to determine the network location of the application's user by logging DNS requests, as demonstrated by DNS requests triggered by reading text/plain e-mail messages in Thunderbird.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla seamonkey *
mozilla thunderbird 3.0.1
CVE-2009-4630 MEDIUM

Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, performs DNS prefetching of domain names contained in links within local HTML documents, which makes it easier for remote attackers to determine the network location of the application's user by logging DNS requests. NOTE: the vendor disputes the significance of this issue, stating "I don't think we necessarily need to worry about that case."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
CVE-2009-5017 MEDIUM

Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted string, a different vulnerability than CVE-2010-1210.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 3.6
CVE-2010-0159 HIGH

The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 8.04
mozilla firefox *
debian debian_linux 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 8.10
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
CVE-2010-0160 HIGH

The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 3.0.6
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 3.0.1
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.11
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0161 MEDIUM

The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 1.5
mozilla thunderbird 0.8
mozilla thunderbird 1.5.0.2
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla seamonkey 1.0.6
mozilla thunderbird 1.0.3
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 0.3
mozilla thunderbird 1.5.1
mozilla seamonkey 1.1.2
mozilla seamonkey 1.0
mozilla thunderbird 1.5.0.1
mozilla seamonkey 1.0.5
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla seamonkey 1.1
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.17
mozilla seamonkey 1.1.11
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla seamonkey 1.1.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 0.6
mozilla thunderbird 1.5.0.9
mozilla thunderbird 1.0.4
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
CVE-2010-0162 MEDIUM

Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support the application/octet-stream content type as a protection mechanism against execution of web script in certain circumstances involving SVG and the EMBED element, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via an embedded SVG document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 3.0.6
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.1
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.11
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0163 MEDIUM

Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 0.7.1
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 1.5
mozilla thunderbird 0.8
mozilla thunderbird 1.5.0.2
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla seamonkey 1.0.6
mozilla thunderbird 1.0.3
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 0.3
mozilla thunderbird 1.5.1
mozilla seamonkey 1.1.2
mozilla seamonkey 1.0
mozilla thunderbird 1.5.0.1
mozilla seamonkey 1.0.5
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla seamonkey 1.1
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.17
mozilla seamonkey 1.1.11
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla seamonkey 1.1.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 0.6
mozilla thunderbird 1.5.0.9
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
CVE-2010-0164 HIGH

Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.6
CVE-2010-0165 HIGH

The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 3.6
CVE-2010-0166 MEDIUM

The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 3.6
CVE-2010-0167 HIGH

The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors related to (1) layout/generic/nsBlockFrame.cpp and (2) the _evaluate function in modules/plugin/base/src/nsNPAPIPlugin.cpp.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.0.1
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 3.0.11
mozilla firefox 3.0.17
mozilla firefox 3.0.1
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 3.5.3
mozilla thunderbird 1.5.0.1
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla seamonkey 1.1
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird *
mozilla thunderbird 1.5.0.4
mozilla thunderbird 1.5.0.11
mozilla seamonkey 1.1.14
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.5.0.8
mozilla firefox 3.0.16
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla firefox 3.0.13
mozilla thunderbird 2.0.0.19
CVE-2010-0168 HIGH

The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service (application crash or hang) or hijack the functionality of the browser's add-ons via a crafted SRC attribute of an IMG element, as demonstrated by remote command execution through an ssh: URL in a configuration that supports gnome-vfs with a nonstandard network.gnomevfs.supported-protocols setting.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 3.6.1
mozilla firefox 3.6
CVE-2010-0169 MEDIUM

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser's font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.0.1
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 3.0.11
mozilla firefox 3.0.17
mozilla firefox 3.0.1
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 3.5.3
mozilla thunderbird 1.5.0.1
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla seamonkey 1.1
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird *
mozilla thunderbird 1.5.0.4
mozilla thunderbird 1.5.0.11
mozilla seamonkey 1.1.14
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.5.0.8
mozilla firefox 3.0.16
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla firefox 3.0.13
mozilla thunderbird 2.0.0.19
CVE-2010-0170 MEDIUM

Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 3.6
CVE-2010-0171 MEDIUM

Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-3736.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.0.1
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 3.0.11
mozilla firefox 3.0.17
mozilla firefox 3.0.1
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 3.5.3
mozilla thunderbird 1.5.0.1
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla seamonkey 1.1
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird *
mozilla thunderbird 1.5.0.4
mozilla thunderbird 1.5.0.11
mozilla seamonkey 1.1.14
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.5.0.8
mozilla firefox 3.0.16
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla firefox 3.0.13
mozilla thunderbird 2.0.0.19
CVE-2010-0172 MEDIUM

toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 3.6
CVE-2010-0173 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0174 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0175 HIGH

Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0176 HIGH

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0177 HIGH

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 1.0.3
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 1.5.7
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0178 HIGH

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 1.0.3
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 1.5.7
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0179 MEDIUM

Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0180 LOW

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the site_wide_secret field.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla bugzilla 3.5.3
mozilla bugzilla 3.7
mozilla bugzilla 3.5.1
mozilla bugzilla 3.6
mozilla bugzilla 3.5.2
CVE-2010-0181 MEDIUM

Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 1.0.3
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 1.5.7
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0182 MEDIUM

The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0183 HIGH

Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla seamonkey 1.1.19
mozilla firefox 3.5.7
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla firefox 3.5.9
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.2
mozilla seamonkey 1.0.7
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.3
mozilla seamonkey 1.0.6
mozilla seamonkey 1.1.13
mozilla firefox 3.5.1
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
CVE-2010-0648 MEDIUM

Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 2.0.0.6
mozilla firefox 1.5.0.6
mozilla firefox 2.0.0.17
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 1.0.3
mozilla firefox 3.5.6
mozilla firefox 3.0.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 3.0.9
mozilla firefox 1.5.0.5
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.5.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla firefox 3.0.15
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 1.0
mozilla firefox 2.0.0.20
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.0.6
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 1.5.2
mozilla firefox 2.0.0.10
mozilla firefox 3.0.7
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 1.5.5
mozilla firefox 3.0.2
mozilla firefox 1.5.7
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-0654 MEDIUM

Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla seamonkey 1.1.13
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.6.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2010-1028 HIGH

Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 3.6.1
mozilla firefox 3.6
mozilla firefox 3.7
CVE-2010-1121 HIGH

Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 3.6.1
mozilla firefox 3.6
mozilla firefox 3.6.2
CVE-2010-1122 HIGH

Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vulnerability than CVE-2010-1028.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 3.5.2
mozilla firefox 3.5
mozilla firefox 3.5.3
mozilla firefox 3.5.4
mozilla firefox 3.5.5
mozilla firefox 3.5.1
CVE-2010-1125 MEDIUM

The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 1.0.8
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 3.0.1
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 3.5.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.11
mozilla firefox 3.5.9
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-1196 HIGH

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 1.5
mozilla thunderbird 0.8
mozilla thunderbird 1.5.0.2
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.1
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla seamonkey 1.1.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 0.2
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 3.0
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
CVE-2010-1197 MEDIUM

Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla seamonkey 1.1.19
mozilla firefox 3.5.7
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla firefox 3.5.9
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.2
mozilla seamonkey 1.0.7
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.3
mozilla seamonkey 1.0.6
mozilla seamonkey 1.1.13
mozilla firefox 3.5.1
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.6.3
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
CVE-2010-1198 HIGH

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla seamonkey 1.1.19
mozilla firefox 3.5.7
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla firefox 3.5.9
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.2
mozilla seamonkey 1.0.7
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.3
mozilla seamonkey 1.0.6
mozilla seamonkey 1.1.13
mozilla firefox 3.5.1
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.6.3
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
CVE-2010-1199 HIGH

Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 1.5
mozilla thunderbird 0.8
mozilla thunderbird 1.5.0.2
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.1
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla seamonkey 1.1.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 0.2
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 3.0
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
CVE-2010-1200 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 1.5
mozilla thunderbird 0.8
mozilla thunderbird 1.5.0.2
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.1
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla seamonkey 1.1.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 0.2
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 3.0
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
CVE-2010-1201 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 1.5
mozilla thunderbird 0.8
mozilla thunderbird 1.5.0.2
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.1
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla seamonkey 1.1.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 0.2
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 3.0
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
CVE-2010-1202 HIGH

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 1.5
mozilla thunderbird 0.8
mozilla thunderbird 1.5.0.2
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.4
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.1
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla seamonkey 1.1.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 0.2
mozilla thunderbird 2.0.0.18
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 3.0
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.17
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
CVE-2010-1203 HIGH

The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 3.6
mozilla firefox 3.6.3
mozilla firefox 3.6.2
CVE-2010-1204 MEDIUM

Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 through 3.6, and 3.7 allows remote attackers to obtain potentially sensitive time-tracking information via a crafted search URL, related to a "boolean chart search."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla bugzilla 2.17.7
mozilla bugzilla 3.2.2
mozilla bugzilla 3.5.1
mozilla bugzilla 3.0.7
mozilla bugzilla 3.4.1
mozilla bugzilla 3.2.5
mozilla bugzilla 3.0.5
mozilla bugzilla 3.0.10
mozilla bugzilla 3.4.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.0
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.4.5
mozilla bugzilla 3.1.3
mozilla bugzilla 3.3.3
mozilla bugzilla 3.0.6
mozilla bugzilla 3.4.3
mozilla bugzilla 3.0.11
mozilla bugzilla 3.1.1
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.17.3
mozilla bugzilla 3.7
mozilla bugzilla 3.4.4
mozilla bugzilla 3.0.9
mozilla bugzilla 3.3.1
mozilla bugzilla 3.4
mozilla bugzilla 2.17.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.5.2
mozilla bugzilla 3.0.2
mozilla bugzilla 3.3.4
mozilla bugzilla 2.17.5
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 3.0.1
mozilla bugzilla 3.2.6
mozilla bugzilla 3.1.2
mozilla bugzilla 2.17.6
mozilla bugzilla 3.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
CVE-2010-1205 HIGH

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
canonical ubuntu_linux 8.04
canonical ubuntu_linux 6.06
debian debian_linux 5.0
apple safari *
apple mac_os_x_server *
opensuse opensuse 11.2
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
vmware workstation *
opensuse opensuse 11.1
vmware player *
apple mac_os_x *
suse linux_enterprise_server 11
fedoraproject fedora 13
suse linux_enterprise_server 9
google chrome *
libpng libpng *
apple iphone_os *
canonical ubuntu_linux 9.04
canonical ubuntu_linux 9.10
apple itunes *
suse linux_enterprise_server 10
fedoraproject fedora 12
CVE-2010-1206 MEDIUM

The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is currently loading, which allows (1) remote web servers to conduct spoofing attacks via vectors involving a 204 (aka No Content) status code, and allows (2) remote attackers to conduct spoofing attacks via vectors involving a window.stop call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla firefox 3.5.9
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.6.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2010-1207 MEDIUM

Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox 3.6
mozilla firefox 3.6.3
mozilla firefox 3.6.2
mozilla firefox 3.6.4
CVE-2010-1208 HIGH

Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2010-1209 HIGH

Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla firefox 3.5.9
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.6.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2010-1210 MEDIUM

intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla firefox 3.6.1
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla thunderbird 3.0.2
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla firefox 3.0.19
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 2.0.0.10
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 3.2
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla firefox 1.5.0.6
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.1
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.7
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 1.8
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla firefox 0.6.1
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 2.0.0.17
mozilla firefox 2.0.0.21
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-1211 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla seamonkey 2.0.4
mozilla thunderbird 3.0
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla seamonkey 1.1.13
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.6.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2010-1212 HIGH

js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagation of deep aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth handling in the TraceRecorder::record_JSOP_GETELEM function, and (3) tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 3.6.1
mozilla firefox 3.6.3
mozilla firefox 3.6.2
mozilla thunderbird 3.1
mozilla firefox 3.6.4
mozilla firefox 3.6.6
CVE-2010-1213 MEDIUM

The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla seamonkey 2.0.4
mozilla thunderbird 3.0
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla seamonkey 1.1.13
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.6.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2010-1214 HIGH

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla firefox 3.5.9
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.6.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2010-1215 MEDIUM

Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper (aka SJOW) wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object from the chrome scope."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 3.6.1
mozilla firefox 3.6.3
mozilla firefox 3.6.2
mozilla thunderbird 3.1
mozilla firefox 3.6.4
mozilla firefox 3.6.6
CVE-2010-1585 HIGH

The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-1986 MEDIUM

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption and application crash) via JavaScript code that creates multiple arrays containing elements with long string values, and then appends long strings to the content of a P element, related to the gfxWindowsFontGroup::MakeTextRun function in xul.dll, a different vulnerability than CVE-2009-1571.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.6.3
CVE-2010-1987 MEDIUM

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption, out-of-bounds read, and application crash) via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring operations, related to the DoubleWideCharMappedString class in USP10.dll and the gfxWindowsFontGroup::GetUnderlineOffset function in xul.dll, a different vulnerability than CVE-2009-1571.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.6.3
CVE-2010-1988 HIGH

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than CVE-2009-1571.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 3.6.3
CVE-2010-1990 MEDIUM

Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.0.3
mozilla firefox 3.5.7
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 3.0.6
mozilla firefox 3.0.11
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 3.0.17
mozilla firefox 3.0.1
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.5.1
mozilla firefox 3.0.4
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 3.0.15
mozilla firefox 3.6.3
mozilla firefox 3.5.3
mozilla firefox 3.5.5
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-2117 MEDIUM

Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.5.2
mozilla firefox 3.6
mozilla firefox 3.5.7
mozilla firefox 3.5
mozilla firefox 3.5.3
mozilla firefox 3.5.4
mozilla firefox 3.5.5
mozilla firefox 3.5.6
mozilla firefox 3.0.19
mozilla firefox 3.5.1
mozilla firefox 3.5.9
CVE-2010-2470 LOW

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability than CVE-2010-0180.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla bugzilla 3.5.3
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 3.5.1
mozilla bugzilla 3.7.1
mozilla bugzilla 3.6
mozilla bugzilla 3.5.2
CVE-2010-2751 LOW

The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla firefox 3.5.9
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.6.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2010-2752 HIGH

Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla seamonkey 2.0.4
mozilla thunderbird 3.0
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla seamonkey 1.1.13
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.6.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2010-2753 HIGH

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,CWE-416,

Products Affected

Vendor Product Version
opensuse opensuse 11.2
suse linux_enterprise_software_development_kit 11
mozilla firefox *
opensuse opensuse 11.3
mozilla seamonkey *
mozilla thunderbird *
opensuse opensuse 11.1
mozilla thunderbird 3.1
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
CVE-2010-2754 MEDIUM

dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla firefox 3.6.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla seamonkey 2.0.4
mozilla thunderbird 3.0
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla seamonkey 1.1.13
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.6.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2010-2755 HIGH

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.6.7
CVE-2010-2756 MEDIUM

Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.4.1
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.20
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.5
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.0.11
mozilla bugzilla 3.6
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.23
mozilla bugzilla 3.3.2
mozilla bugzilla 3.0.9
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.2
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.7.1
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.22
mozilla bugzilla 3.0.10
mozilla bugzilla 2.20.5
mozilla bugzilla 3.4.6
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 2.6
mozilla bugzilla 2.22.3
mozilla bugzilla 3.3.3
mozilla bugzilla 2.8
mozilla bugzilla 2.19.2
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 3.4.3
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.9
mozilla bugzilla 3.4.4
mozilla bugzilla 2.23.1
mozilla bugzilla 2.20.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.23.2
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.0.2
mozilla bugzilla 3.3.4
mozilla bugzilla 3.0.8
mozilla bugzilla 2.22.7
mozilla bugzilla 2.20.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.20.2
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
CVE-2010-2757 MEDIUM

The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.4.1
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 3.4.5
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.0.11
mozilla bugzilla 3.6
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.23
mozilla bugzilla 3.3.2
mozilla bugzilla 3.0.9
mozilla bugzilla 2.22.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.2
mozilla bugzilla 3.0.1
mozilla bugzilla 3.7.1
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.22
mozilla bugzilla 3.0.10
mozilla bugzilla 3.4.6
mozilla bugzilla 3.0
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 2.6
mozilla bugzilla 2.22.3
mozilla bugzilla 3.3.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 3.4.3
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.9
mozilla bugzilla 3.4.4
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.23.2
mozilla bugzilla 3.3.1
mozilla bugzilla 3.2.3
mozilla bugzilla 3.0.2
mozilla bugzilla 3.3.4
mozilla bugzilla 3.0.8
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
CVE-2010-2758 MEDIUM

Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 generates different error messages depending on whether a product exists, which makes it easier for remote attackers to guess product names via unspecified use of the (1) Reports or (2) Duplicates page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.4.1
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.20
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.5
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.0.11
mozilla bugzilla 3.6
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 2.18.9
mozilla bugzilla 3.3.2
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.2
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.7.1
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 3.2.4
mozilla bugzilla 2.17.2
mozilla bugzilla 3.0.4
mozilla bugzilla 2.18.2
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.22
mozilla bugzilla 3.0.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.20.5
mozilla bugzilla 3.4.6
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 3.5.3
mozilla bugzilla 2.19
mozilla bugzilla 3.0.3
mozilla bugzilla 2.6
mozilla bugzilla 2.22.3
mozilla bugzilla 3.3.3
mozilla bugzilla 2.8
mozilla bugzilla 2.19.2
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 3.4.3
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.9
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 2.23.1
mozilla bugzilla 2.20.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.23.2
mozilla bugzilla 3.3.1
mozilla bugzilla 2.18.6
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.3.4
mozilla bugzilla 2.17.5
mozilla bugzilla 3.0.8
mozilla bugzilla 2.22.7
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
CVE-2010-2759 MEDIUM

Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.4.1
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 3.4.5
mozilla bugzilla 3.4.7
mozilla bugzilla 3.1.3
mozilla bugzilla 3.0.11
mozilla bugzilla 3.6
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 3.3.2
mozilla bugzilla 3.0.9
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.2
mozilla bugzilla 3.0.1
mozilla bugzilla 3.7.1
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.5.1
mozilla bugzilla 3.0.5
mozilla bugzilla 3.0.10
mozilla bugzilla 3.4.6
mozilla bugzilla 3.0
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 2.6
mozilla bugzilla 3.3.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 3.4.3
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.9
mozilla bugzilla 3.4.4
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.23.2
mozilla bugzilla 3.3.1
mozilla bugzilla 3.2.3
mozilla bugzilla 3.0.2
mozilla bugzilla 3.3.4
mozilla bugzilla 3.0.8
mozilla bugzilla 3.2.6
CVE-2010-2760 HIGH

Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a "dangling pointer vulnerability." NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-2762 MEDIUM

The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 3.6
mozilla firefox 3.6.3
mozilla firefox 3.6.2
mozilla thunderbird 3.1.1
mozilla thunderbird 3.1
mozilla firefox 3.6.4
mozilla firefox 3.6.7
mozilla firefox 3.6.8
mozilla firefox 3.6.6
mozilla thunderbird 3.1.2
CVE-2010-2763 MEDIUM

The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-2764 MEDIUM

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-2765 HIGH

Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-2766 HIGH

The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-2767 HIGH

The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-2768 MEDIUM

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-2769 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-2770 HIGH

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Mac OS X allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted font in a data: URL.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla firefox 0.7
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 0.3
mozilla firefox 1.8
mozilla firefox 0.2
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 0.4
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3131 HIGH

Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Windows XP allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .htm, .html, .jtx, .mfp, or .eml file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3166 HIGH

Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3167 HIGH

The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3168 HIGH

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3169 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3170 MEDIUM

Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3171 MEDIUM

The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a random number generator that is seeded only once per document object, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack." NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-5913.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla firefox 3.5.10
mozilla firefox 3.6.4
mozilla firefox 3.5.11
mozilla firefox 3.6.7
mozilla firefox 4.0
mozilla firefox 3.6.8
mozilla firefox 3.6.6
CVE-2010-3172 LOW

CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted URL.

CVSS 2.0

Severity: LOW

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla bugzilla 3.2.2
mozilla bugzilla 3.4.1
mozilla bugzilla 3.2.5
mozilla bugzilla 3.2.7
mozilla bugzilla 3.6.2
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.16.11
mozilla bugzilla 2.2
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.5
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 2.14.5
mozilla bugzilla 2.22.5
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 2.17
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 2.18.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.16.5
mozilla bugzilla 2.21.1
mozilla bugzilla *
mozilla bugzilla 2.17.4
mozilla bugzilla 2.16.9
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 2.19.1
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.2
mozilla bugzilla 3.2.4
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.22.1
mozilla bugzilla 2.14.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 2.14.4
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 2.19.2
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.4
mozilla bugzilla 2.9
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 2.23.1
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 2.18
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.20.2
mozilla bugzilla 2.16.8
mozilla bugzilla 4.0
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
CVE-2010-3173 HIGH

The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3174 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 3.5.12
mozilla seamonkey 1.0.2
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 0.6
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2010-3175 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.6
mozilla thunderbird 3.1.1
mozilla thunderbird 3.1
mozilla thunderbird 3.1.4
mozilla firefox 3.6.8
mozilla thunderbird 3.1.2
mozilla firefox 3.6.3
mozilla firefox 3.6.9
mozilla firefox 3.6.2
mozilla firefox 3.6.4
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla firefox 3.6.6
CVE-2010-3176 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla firefox 3.6.8
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2010-3177 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-3178 MEDIUM

Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3179 HIGH

Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3180 HIGH

Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3181 MEDIUM

Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3182 MEDIUM

A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3183 HIGH

The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3399 MEDIUM

The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-force attack, a different vulnerability than CVE-2010-3171.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla firefox 3.5.10
mozilla firefox 3.6.4
mozilla firefox 3.5.11
mozilla firefox 3.6.7
mozilla firefox 4.0
mozilla firefox 3.6.8
mozilla firefox 3.6.6
CVE-2010-3400 MEDIUM

The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses the current time for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-force attack, a different vulnerability than CVE-2008-5913.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla firefox 3.5.7
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla firefox 3.5.4
mozilla seamonkey 1.1.11
mozilla firefox 3.5.9
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla seamonkey *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.4
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla seamonkey 1.0.2
mozilla seamonkey 1.0.7
mozilla firefox 3.6
mozilla firefox 3.5
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.3
mozilla seamonkey 1.0.6
mozilla seamonkey 1.1.13
mozilla firefox 3.5.1
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 3.6.3
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla firefox 3.5.8
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
CVE-2010-3764 MEDIUM

The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote attackers to obtain sensitive information via a modified URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla bugzilla 3.2.2
mozilla bugzilla 3.2.5
mozilla bugzilla 3.2.7
mozilla bugzilla 3.6.2
mozilla bugzilla 2.20
mozilla bugzilla 2.23.4
mozilla bugzilla 2.16.11
mozilla bugzilla 2.2
mozilla bugzilla 2.20.3
mozilla bugzilla 2.22.6
mozilla bugzilla 2.14.5
mozilla bugzilla 2.22.5
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 2.17
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 2.18.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.16.5
mozilla bugzilla 2.21.1
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 2.16.9
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 2.19.1
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.2.8
mozilla bugzilla 3.2.4
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.22.1
mozilla bugzilla 2.14.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 2.14.4
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.4
mozilla bugzilla 2.9
mozilla bugzilla 2.17.3
mozilla bugzilla 2.23.1
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 2.18
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.20.2
mozilla bugzilla 2.16.8
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
CVE-2010-3765 HIGH

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.2
mozilla firefox 3.5.14
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla thunderbird 3.0.8
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 3.5.10
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 3.5.13
mozilla seamonkey 2.0.8
mozilla firefox 3.5.4
mozilla seamonkey 2.0.6
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla firefox 3.5.9
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.9
mozilla thunderbird 3.0.3
mozilla firefox 3.5.2
mozilla firefox 3.6.6
mozilla seamonkey 2.0.4
mozilla thunderbird 3.0.5
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 3.1.5
mozilla firefox 3.6.3
mozilla firefox 3.6.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla firefox 3.6.4
mozilla firefox 3.5.8
CVE-2010-3766 HIGH

Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-3767 HIGH

Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-3768 HIGH

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.1.6
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3769 HIGH

The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.6.1
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla firefox 0.7
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 0.3
mozilla firefox 1.8
mozilla firefox 0.2
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.1.6
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 0.4
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3770 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allow remote attackers to inject arbitrary web script or HTML via (1) x-mac-arabic, (2) x-mac-farsi, or (3) x-mac-hebrew characters that may be converted to angle brackets during rendering.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 1.8
mozilla seamonkey 2.0.9
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-3771 MEDIUM

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 1.8
mozilla seamonkey 2.0.9
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-3772 HIGH

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 1.8
mozilla seamonkey 2.0.9
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-3773 MEDIUM

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0179.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 1.8
mozilla seamonkey 2.0.9
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-3774 MEDIUM

The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remote attackers to spoof the location bar via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 1.8
mozilla seamonkey 2.0.9
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-3775 HIGH

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary local files, and establish network connections via vectors involving a refresh value in the http-equiv attribute of a META element, which causes the wrong security principal to be used.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 0.10.1
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 1.8
mozilla seamonkey 2.0.9
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2010-3776 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.1.6
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2010-3777 HIGH

Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.6
mozilla thunderbird 3.1.1
mozilla thunderbird 3.1
mozilla thunderbird 3.1.4
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 3.1.2
mozilla thunderbird 3.1.5
mozilla firefox 3.6.1
mozilla firefox 3.6.3
mozilla firefox 3.6.9
mozilla thunderbird 3.1.6
mozilla firefox 3.6.2
mozilla firefox 3.6.4
mozilla firefox 3.6.7
mozilla firefox 3.6.12
mozilla thunderbird 3.1.3
mozilla firefox 3.6.6
CVE-2010-3778 HIGH

Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 0.6
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2010-4508 HIGH

The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 4.0
CVE-2010-4567 MEDIUM

Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 does not properly handle whitespace preceding a (1) javascript: or (2) data: URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the URL (aka bug_file_loc) field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.4.5
mozilla bugzilla 2.14.5
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 3.2.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 2.14.1
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 2.14.4
mozilla bugzilla 2.19.2
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.2.5
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 2.22.5
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 2.16.5
mozilla bugzilla *
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.2
mozilla bugzilla 2.17.2
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
CVE-2010-4568 HIGH

Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2 does not properly generate random values for cookies and tokens, which allows remote attackers to obtain access to arbitrary accounts via unspecified vectors, related to an insufficient number of calls to the srand function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 3.4.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 2.17
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 2.14.4
mozilla bugzilla 3.0.3
mozilla bugzilla 2.19.2
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 2.19
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
CVE-2010-4569 MEDIUM

Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the real name field of a user account, related to the AutoComplete widget in YUI.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.7.2
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0
mozilla bugzilla 3.7.3
CVE-2010-4570 MEDIUM

Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.7.2
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0
mozilla bugzilla 3.7.3
CVE-2010-4572 MEDIUM

CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the query string, a different vulnerability than CVE-2010-2761 and CVE-2010-4411.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.4.5
mozilla bugzilla 2.14.5
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 3.2.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 2.14.1
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 2.14.4
mozilla bugzilla 2.19.2
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.2.5
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 2.22.5
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 2.16.5
mozilla bugzilla *
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.2
mozilla bugzilla 2.17.2
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
CVE-2010-5074 MEDIUM

The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for remote attackers to obtain sensitive information about visited web pages via a timing attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 3.5.14
mozilla firefox 3.6.1
mozilla firefox 3.0.6
mozilla firefox 3.0.1
mozilla thunderbird 3.1.14
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla firefox 3.6.22
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla firefox 3.5.15
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla thunderbird 3.1.13
mozilla firefox 3.6.6
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 3.1.9
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla firefox 3.6.20
mozilla thunderbird 3.1.12
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla thunderbird 3.1.15
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla seamonkey 1.5.0.9
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 3.6.19
mozilla thunderbird 3.1.11
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla seamonkey 2.1
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0046 MEDIUM

Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.4.5
mozilla bugzilla 2.14.5
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 3.2.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 2.14.1
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 2.14.4
mozilla bugzilla 2.19.2
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.2.5
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 2.22.5
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 2.16.5
mozilla bugzilla *
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.2
mozilla bugzilla 2.17.2
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
CVE-2011-0048 MEDIUM

Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates a clickable link for a (1) javascript: or (2) data: URI in the URL (aka bug_file_loc) field, which allows remote attackers to conduct cross-site scripting (XSS) attacks against logged-out users via a crafted URI.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.4.5
mozilla bugzilla 2.14.5
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 3.2.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 2.14.1
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 2.14.4
mozilla bugzilla 2.19.2
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.2.5
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 2.22.5
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 2.16.5
mozilla bugzilla *
mozilla bugzilla 2.17.4
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.2
mozilla bugzilla 2.17.2
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
CVE-2011-0051 MEDIUM

Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0053 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-0054 HIGH

Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an "upvarMap" issue.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0055 HIGH

Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the js_HasOwnProperty function and garbage collection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0056 HIGH

Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving exception timing and a large number of string values, aka an "atom map" issue.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0057 HIGH

Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0058 HIGH

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers construction of a long text run.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0059 MEDIUM

Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0061 HIGH

Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 3.6
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-0062 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.6
mozilla thunderbird 3.1.1
mozilla thunderbird 3.1
mozilla thunderbird 3.1.4
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 3.1.2
mozilla thunderbird 3.1.5
mozilla firefox 3.6.3
mozilla firefox 3.6.9
mozilla thunderbird 3.1.6
mozilla firefox 3.6.2
mozilla firefox 3.6.13
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.6.7
mozilla firefox 3.6.12
mozilla thunderbird 3.1.3
mozilla firefox 3.6.6
CVE-2011-0064 MEDIUM

The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
gnome pango 1.28.3
CVE-2011-0065 HIGH

Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0066 HIGH

Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0067 MEDIUM

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0069 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2011-0070 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2011-0071 MEDIUM

Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.15
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-0072 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2011-0073 HIGH

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0074 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2011-0075 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0077, and CVE-2011-0078.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2011-0076 HIGH

Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0077 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2011-0078 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2011-0079 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp and unknown other vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 4.0
CVE-2011-0080 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 1.1.3
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 3.6.7
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla firefox 3.6
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
CVE-2011-0081 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.6.16
mozilla thunderbird 3.1.2
mozilla firefox 3.6.1
mozilla firefox 3.6.2
mozilla firefox 3.6.7
mozilla firefox 4.0
mozilla thunderbird 3.1.3
mozilla firefox 3.6.6
mozilla thunderbird 3.1.8
mozilla thunderbird 3.1.1
mozilla thunderbird 3.1.4
mozilla firefox 3.6.14
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.15
mozilla thunderbird 3.1.5
mozilla firefox 3.6.3
mozilla firefox 3.6.9
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.6.12
mozilla thunderbird 3.1.9
CVE-2011-0082 MEDIUM

The X.509 certificate validation functionality in Mozilla Firefox 4.0.x through 4.0.1 does not properly implement single-session security exceptions, which might make it easier for user-assisted remote attackers to spoof an SSL server via an untrusted certificate that triggers potentially unwanted local caching of documents from that server.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 4.0.1
mozilla firefox 4.0
CVE-2011-0083 HIGH

Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 3.5.19
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.15
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla seamonkey 2.0.13
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-0084 HIGH

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla firefox 2.0.0.17
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 3.5.19
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 2.0.0.20
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 3.0.9
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla seamonkey 2.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-0085 HIGH

Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 3.5.19
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.15
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla seamonkey 2.0.13
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-1187 MEDIUM

Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
google chrome *
CVE-2011-1300 HIGH

The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
google chrome *
mozilla firefox 4.0
CVE-2011-1712 MEDIUM

The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 1.1.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla seamonkey 1.0.8
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla seamonkey 1.0.2
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla seamonkey 1.1.1
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 1.1.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-2362 MEDIUM

Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 3.5.19
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.15
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla seamonkey 2.0.13
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-2363 HIGH

Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 3.5.19
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.15
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla seamonkey 2.0.13
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-2364 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla thunderbird 0.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 0.3
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla thunderbird 2.0.0.22
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla thunderbird 2.0.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.6.12
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 0.7.1
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla thunderbird 3.0.8
mozilla thunderbird 3.1.1
mozilla thunderbird 1.0.3
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.6.15
mozilla thunderbird 3.0.4
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
CVE-2011-2365 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla thunderbird 0.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 0.3
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla thunderbird 2.0.0.22
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla thunderbird 2.0.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.6.12
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 0.7.1
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla thunderbird 3.0.8
mozilla thunderbird 3.1.1
mozilla thunderbird 1.0.3
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 3.6.15
mozilla thunderbird 3.0.4
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
CVE-2011-2366 MEDIUM

Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla gecko 1.7
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla gecko 1.8
mozilla gecko 1.9.2
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla gecko 1.8.1
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 0.10
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla firefox 0.7
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 0.3
mozilla firefox 1.8
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla gecko *
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla firefox 3.6.2
mozilla gecko 1.9
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla gecko 1.9.1
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 0.4
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 3.0.13
CVE-2011-2367 MEDIUM

The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service (application crash), via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 4.0.1
mozilla firefox 4.0
CVE-2011-2368 HIGH

The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 4.0.1
mozilla firefox 4.0
CVE-2011-2369 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 4.0.1
mozilla firefox 4.0
CVE-2011-2370 MEDIUM

Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 3.5.16
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.5.1
mozilla firefox 3.0.15
mozilla firefox 3.6.17
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 3.5.19
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-2371 HIGH

Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 3.5.19
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla seamonkey 2.0.13
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-2372 LOW

Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla firefox 6.0
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 2.0_8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 2.0_.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 2.0_.6
mozilla thunderbird 2.0_.9
mozilla seamonkey 1.0.99
mozilla thunderbird 3.0.8
mozilla firefox 3.6
mozilla thunderbird 2.0_.13
mozilla thunderbird 3.1.1
mozilla thunderbird 2.0_.14
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 3.6.21
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla firefox 3.6.19
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 2.0_.12
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 2.0_.4
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-2373 HIGH

Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 3.5.19
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla seamonkey 2.0.13
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-2374 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 3.5.19
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-2375 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 5.0 and Thunderbird through 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla thunderbird 3.1.10
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 3.5.19
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-2376 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla firefox 3.5.19
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-2377 MEDIUM

Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 3.5.19
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla seamonkey 2.0.13
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-2378 HIGH

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling pointer."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla firefox 2.0.0.17
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 3.5.19
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 2.0.0.20
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 3.0.9
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla seamonkey 2.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-2379 MEDIUM

Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 3.4.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 2.12
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 3.6.4
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.4
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.2.7
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.3.2
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 3.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
CVE-2011-2380 MEDIUM

Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existence of private group names via a crafted parameter during (1) bug creation or (2) bug editing.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.4.1
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 3.6.2
mozilla bugzilla 3.4.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.4.7
mozilla bugzilla 3.1.3
mozilla bugzilla 3.6.0
mozilla bugzilla 3.0.11
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.23
mozilla bugzilla 3.3.2
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 3.5.2
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 3.0.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.7.1
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 3.2.10
mozilla bugzilla 3.5.1
mozilla bugzilla 3.0.5
mozilla bugzilla 3.4.8
mozilla bugzilla 3.0.10
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.0
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 3.0.6
mozilla bugzilla 4.1
mozilla bugzilla 3.4.3
mozilla bugzilla 3.1.1
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.4
mozilla bugzilla 2.23.1
mozilla bugzilla 4.0.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.23.2
mozilla bugzilla 3.3.1
mozilla bugzilla 3.2.3
mozilla bugzilla 3.0.2
mozilla bugzilla 3.3.4
mozilla bugzilla 3.0.8
mozilla bugzilla 2.22.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.2.6
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
CVE-2011-2381 MEDIUM

CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notification.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 3.4.2
mozilla bugzilla 3.3
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.1.3
mozilla bugzilla 3.0.11
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 3.0.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 3.4.3
mozilla bugzilla 3.4.11
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.20
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 3.3.2
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 2.19
mozilla bugzilla 2.22.3
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
CVE-2011-2598 MEDIUM

The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 4.0.1
mozilla firefox 4.0
CVE-2011-2605 MEDIUM

CRLF injection vulnerability in the nsCookieService::SetCookieStringInternal function in netwerk/cookie/nsCookieService.cpp in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allows remote attackers to bypass intended access restrictions via a string containing a \n (newline) character, which is not properly handled in a JavaScript "document.cookie =" expression, a different vulnerability than CVE-2011-2374.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 2.0.0.8
mozilla firefox 3.5.16
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla thunderbird 1.0.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla firefox 3.5.15
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 3.5.19
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla firefox 3.6.2
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-2976 MEDIUM

Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote attackers to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.4.1
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.20
mozilla bugzilla 3.4.2
mozilla bugzilla 2.16.11
mozilla bugzilla 3.3
mozilla bugzilla 2.20.3
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.1.4
mozilla bugzilla 2.17
mozilla bugzilla 3.3.2
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.22.4
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.17.4
mozilla bugzilla 2.16.9
mozilla bugzilla 3.4.10
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2.8
mozilla bugzilla 3.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 3.2.10
mozilla bugzilla 2.18.2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 2.19
mozilla bugzilla 3.0.3
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.4
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.18.6
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.3.4
mozilla bugzilla 2.17.5
mozilla bugzilla 3.0.8
mozilla bugzilla 2.22.7
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.20.2
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
CVE-2011-2977 LOW

Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3.6.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 4.0.1
mozilla bugzilla 4.1.1
mozilla bugzilla 3.6.2
mozilla bugzilla 3.6.5
mozilla bugzilla 3.7.3
mozilla bugzilla 3.7.2
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.4
mozilla bugzilla 3.6.3
mozilla bugzilla 3.7.1
mozilla bugzilla 4.1
mozilla bugzilla 4.0
mozilla bugzilla 4.1.2
CVE-2011-2978 MEDIUM

Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address (aka old_email field) for e-mail change notifications, which makes it easier for remote attackers to perform arbitrary address changes by leveraging an unattended workstation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 3.4.2
mozilla bugzilla 3.3
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.1.3
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 3.4.11
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 3.3.2
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 2.19
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
CVE-2011-2979 MEDIUM

Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group name is valid, which allows remote attackers to determine the existence of private group names via a custom search. NOTE: this vulnerability exists because of a CVE-2010-2756 regression.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla bugzilla 4.1.1
mozilla bugzilla 4.1
mozilla bugzilla 4.1.2
CVE-2011-2980 HIGH

Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running Firefox process.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla thunderbird 3.1.10
mozilla firefox 2.0.0.17
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 3.5.19
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 2.0.0.20
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 3.0.9
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 3.1.8
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-2981 HIGH

The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-16,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla firefox 2.0.0.17
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 3.5.19
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 2.0.0.20
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 3.0.9
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla seamonkey 2.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-2982 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.15
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.0.14
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.9
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-2983 MEDIUM

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla seamonkey 1.5.0.8
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla seamonkey 1.1.16
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.15
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.3
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla seamonkey 2.3.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.0.14
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 3.1.11
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-2984 HIGH

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla seamonkey 2.5
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla firefox 2.0.0.17
mozilla firefox 3.5.16
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 3.5.18
mozilla seamonkey 2.3
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla seamonkey 2.3.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla firefox 3.5.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 3.0.15
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 1.0
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 3.5.19
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 1.5.5
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla seamonkey 2.3.3
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla firefox 1.5.0.3
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla thunderbird 3.1.11
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla firefox 3.6.15
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla thunderbird 3.0.4
mozilla firefox 2.0.0.20
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 3.0.9
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla seamonkey 2.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2011-2985 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 0.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 0.3
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla thunderbird 2.0.0.22
mozilla seamonkey 2.0.6
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla thunderbird 3.0.8
mozilla thunderbird 3.1.1
mozilla thunderbird 1.0.3
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla thunderbird 1.0.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
CVE-2011-2986 MEDIUM

Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla thunderbird 1.0.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-2987 HIGH

Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 3.0.8
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla thunderbird 1.0.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-2988 HIGH

Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.0.4
mozilla seamonkey 2.0.11
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.0.6
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla firefox 5.0
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 2.1
mozilla thunderbird *
mozilla seamonkey 2.0
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.2
mozilla firefox 4.0
mozilla seamonkey 2.0.10
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.8
CVE-2011-2989 HIGH

The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 0.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 0.3
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla thunderbird 2.0.0.22
mozilla seamonkey 2.0.6
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla thunderbird 3.0.8
mozilla thunderbird 3.1.1
mozilla thunderbird 1.0.3
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla thunderbird 1.0.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
CVE-2011-2990 MEDIUM

The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by reading a report, related to incorrect host resolution that occurs with certain redirects.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,

Products Affected

Vendor Product Version
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 1.0.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2011-2991 HIGH

The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 0.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 0.3
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla thunderbird 2.0.0.22
mozilla seamonkey 2.0.6
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla thunderbird 3.0.8
mozilla thunderbird 3.1.1
mozilla thunderbird 1.0.3
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla thunderbird 1.0.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
CVE-2011-2992 HIGH

The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 0.1
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 0.3
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla thunderbird 2.0.0.22
mozilla seamonkey 2.0.6
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird 1.5.0.10
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla thunderbird 3.0.8
mozilla thunderbird 3.1.1
mozilla thunderbird 1.0.3
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.0.7
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla thunderbird 1.0.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
CVE-2011-2993 HIGH

The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla seamonkey 2.0.4
mozilla seamonkey 2.0.11
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.0.6
mozilla firefox 5.0
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 2.1
mozilla seamonkey 2.0
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla firefox 4.0
mozilla seamonkey 2.0.10
mozilla seamonkey 2.0.8
CVE-2011-2995 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla firefox 6.0
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 2.0_8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 2.0_.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 2.0_.6
mozilla thunderbird 2.0_.9
mozilla seamonkey 1.0.99
mozilla thunderbird 3.0.8
mozilla firefox 3.6
mozilla thunderbird 2.0_.13
mozilla thunderbird 3.1.1
mozilla thunderbird 2.0_.14
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 3.6.21
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla firefox 3.6.19
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 2.0_.12
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 2.0_.4
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-2996 HIGH

Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.6
mozilla firefox 3.6.22
mozilla firefox 3.6.18
mozilla firefox 3.6.21
mozilla firefox 3.6.14
mozilla firefox 3.6.16
mozilla firefox 3.6.19
mozilla firefox 3.6.8
mozilla firefox 3.6.20
mozilla firefox 3.6.11
mozilla firefox 3.6.15
mozilla firefox 3.6.17
mozilla firefox 3.6.3
mozilla firefox 3.6.9
mozilla firefox 3.6.2
mozilla firefox 3.6.13
mozilla firefox 3.6.4
mozilla firefox 3.6.7
mozilla firefox 3.6.12
mozilla firefox 3.6.6
CVE-2011-2997 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla thunderbird 2.0.0.15
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla firefox 6.0
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 2.0_8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 2.0_.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 2.0_.6
mozilla thunderbird 2.0_.9
mozilla seamonkey 1.0.99
mozilla thunderbird 3.0.8
mozilla thunderbird 2.0_.13
mozilla thunderbird 3.1.1
mozilla thunderbird 2.0_.14
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 2.0_.12
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 2.0_.4
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla thunderbird 1.0.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-2998 HIGH

Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 3.6.10
mozilla firefox 3.6
mozilla firefox 3.6.22
mozilla firefox 3.6.18
mozilla firefox 3.6.21
mozilla firefox 3.6.14
mozilla firefox 3.6.16
mozilla firefox 3.6.19
mozilla firefox 3.6.8
mozilla firefox 3.6.20
mozilla firefox 3.6.11
mozilla firefox 3.6.15
mozilla firefox 3.6.17
mozilla firefox 3.6.3
mozilla firefox 3.6.9
mozilla firefox 3.6.2
mozilla firefox 3.6.13
mozilla firefox 3.6.4
mozilla firefox 3.6.7
mozilla firefox 3.6.12
mozilla firefox 3.6.6
CVE-2011-2999 MEDIUM

Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 2.0_8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 2.0_.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 2.0_.6
mozilla thunderbird 2.0_.9
mozilla seamonkey 1.0.99
mozilla thunderbird 3.0.8
mozilla firefox 3.6
mozilla thunderbird 2.0_.13
mozilla thunderbird 3.1.1
mozilla thunderbird 2.0_.14
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 3.6.21
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla firefox 3.6.19
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 2.0_.12
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 2.0_.4
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-3000 MEDIUM

Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla firefox 6.0
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 2.0_8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 2.0_.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 2.0_.6
mozilla thunderbird 2.0_.9
mozilla seamonkey 1.0.99
mozilla thunderbird 3.0.8
mozilla firefox 3.6
mozilla thunderbird 2.0_.13
mozilla thunderbird 3.1.1
mozilla thunderbird 2.0_.14
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 3.6.21
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla firefox 3.6.19
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 2.0_.12
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 2.0_.4
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-3001 MEDIUM

Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla thunderbird 2.0.0.15
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla firefox 6.0
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 2.0_8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 2.0_.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 2.0_.6
mozilla thunderbird 2.0_.9
mozilla seamonkey 1.0.99
mozilla thunderbird 3.0.8
mozilla thunderbird 2.0_.13
mozilla thunderbird 3.1.1
mozilla thunderbird 2.0_.14
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 2.0_.12
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 2.0_.4
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla thunderbird 1.0.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-3002 HIGH

Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2011-3003 HIGH

Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2011-3004 MEDIUM

The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 1.0.2
mozilla seamonkey 1.0.99
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2011-3005 HIGH

Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla thunderbird 2.0.0.15
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla firefox 6.0
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 2.0_8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 2.0_.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 2.0_.6
mozilla thunderbird 2.0_.9
mozilla seamonkey 1.0.99
mozilla thunderbird 3.0.8
mozilla thunderbird 2.0_.13
mozilla thunderbird 3.1.1
mozilla thunderbird 2.0_.14
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 2.0_.12
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla thunderbird 1.0.2
mozilla thunderbird 2.0_.4
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla thunderbird 1.0.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-3062 MEDIUM

Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-682,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
google chrome *
mozilla thunderbird_esr *
CVE-2011-3079 HIGH

The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
google chrome *
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2011-3232 HIGH

YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla seamonkey 1.5.0.8
mozilla thunderbird 2.0_8
mozilla thunderbird 1.5
mozilla thunderbird 3.1.2
mozilla thunderbird 1.5.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.0.11
mozilla thunderbird 2.0_.5
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 2.0.0.23
mozilla thunderbird 3.1.6
mozilla thunderbird 1.5.0.1
mozilla firefox 3.6.13
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 1.0.1
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 2.0.0.22
mozilla seamonkey 1.1.19
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla thunderbird 3.0.3
mozilla thunderbird 2.0
mozilla firefox 5.0
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla thunderbird 1.0.6
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.5.0.8
mozilla thunderbird 1.7.1
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla thunderbird 1.5.0.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 0.7.1
mozilla seamonkey 2.0.1
mozilla firefox 3.6.18
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla thunderbird 1.7.3
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 2.0_.6
mozilla thunderbird 2.0_.9
mozilla seamonkey 1.0.99
mozilla thunderbird 3.0.8
mozilla firefox 3.6
mozilla thunderbird 2.0_.13
mozilla thunderbird 3.1.1
mozilla thunderbird 2.0_.14
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 3.6.21
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla firefox 3.6.19
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla thunderbird 3.0.4
mozilla seamonkey 1.0.5
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 2.0_.12
mozilla thunderbird 1.5.0.7
mozilla seamonkey 1.1.17
mozilla thunderbird 1.5.2
mozilla thunderbird 1.5.0.3
mozilla thunderbird 3.0.9
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla seamonkey 2.0.4
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla seamonkey 1.0.7
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla thunderbird 1.0.2
mozilla thunderbird 2.0_.4
mozilla thunderbird 1.0.8
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla seamonkey 2.1
mozilla firefox 3.6.9
mozilla thunderbird 1.0.4
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
CVE-2011-3389 MEDIUM

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-326,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
debian debian_linux 5.0
google chrome -
haxx curl *
siemens simatic_rf68xr_firmware *
canonical ubuntu_linux 11.04
opera opera_browser -
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_workstation 5.0
canonical ubuntu_linux 10.10
microsoft internet_explorer -
redhat enterprise_linux_desktop 5.0
canonical ubuntu_linux 11.10
siemens simatic_rf615r_firmware *
redhat enterprise_linux_workstation 6.0
microsoft windows -
mozilla firefox -
redhat enterprise_linux_server 6.0
CVE-2011-3647 HIGH

The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior, a related issue to CVE-2011-3004.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 0.10
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla firefox 0.7
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla thunderbird 3.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 0.4
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 3.0.13
CVE-2011-3648 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 0.10
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla firefox 0.7
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla thunderbird 3.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2011-3649 LOW

Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. NOTE: this issue exists because of a CVE-2011-2986 regression.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla thunderbird 7.0
mozilla firefox 7.0
CVE-2011-3650 HIGH

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 0.10
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla firefox 0.7
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla thunderbird 3.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2011-3651 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 7.0
mozilla firefox 7.0
CVE-2011-3652 HIGH

The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla thunderbird 3.1.14
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 0.10
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla firefox 0.7
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2011-3653 MEDIUM

Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 3.6.1
mozilla firefox 0.1
mozilla thunderbird 3.1.14
mozilla thunderbird 0.1
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 2.0.0.15
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 0.10
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla firefox 0.7
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla thunderbird 3.1
mozilla firefox 3.6.16
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 3.6.19
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 3.0.1
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 3.6.18
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 2.0.0.7
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla thunderbird 2.0.0.21
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2011-3654 HIGH

The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla thunderbird 3.1.14
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 0.10
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla firefox 0.7
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2011-3655 HIGH

Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla thunderbird 7.0
mozilla thunderbird 6.0
mozilla thunderbird 6.0.1
mozilla firefox 6.0
mozilla firefox 5.0.1
mozilla firefox 6.0.1
mozilla firefox 5.0
mozilla firefox 4.0.1
mozilla firefox 7.0
mozilla firefox 4.0
mozilla firefox 6.0.2
mozilla thunderbird 6.0.2
CVE-2011-3657 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when debug mode is used, allow remote attackers to inject arbitrary web script or HTML via vectors involving a (1) tabular report, (2) graphical report, or (3) new chart.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.3
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.6
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
CVE-2011-3658 HIGH

The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla thunderbird 8.0
CVE-2011-3659 HIGH

Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
mozilla firefox *
suse linux_enterprise_software_development_kit 10
mozilla seamonkey *
mozilla thunderbird *
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
opensuse opensuse 11.4
CVE-2011-3660 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla seamonkey 1.0.99
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2011-3661 HIGH

YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla seamonkey 1.0.99
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2011-3663 MEDIUM

Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2011-3664 MEDIUM

Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) or possibly have unspecified other impact via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla thunderbird 3.1.14
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla seamonkey 2.0a1
mozilla firefox 0.7
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla thunderbird 3.1.12
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla seamonkey 1.0.99
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla seamonkey 1.1.1
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla firefox 0.4
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2011-3665 HIGH

Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla seamonkey 1.0.99
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2011-3666 MEDIUM

Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS X do not consider .jar files to be executable files, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted file. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-2372 on Mac OS X.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla thunderbird 3.1.14
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla firefox 0.10
mozilla thunderbird 3.1.13
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla thunderbird 2.0.0.2
mozilla firefox 0.7
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla firefox 0.4
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 3.0.13
CVE-2011-3667 MEDIUM

The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account settings, which allows remote attackers to create user accounts by leveraging a token contained in an e-mail message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.3
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.6
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
CVE-2011-3668 MEDIUM

Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that create bug reports.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.3
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.6
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
CVE-2011-3669 MEDIUM

Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that upload attachments.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.3
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.6
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
CVE-2011-3670 MEDIUM

Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla thunderbird 0.1
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla thunderbird 0.3
mozilla seamonkey 1.1.2
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.3
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 0.7
mozilla thunderbird 1.7.1
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla seamonkey 1.1.10
mozilla firefox 0.7
mozilla seamonkey 1.0.1
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla thunderbird 0.5
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 0.8
mozilla thunderbird 1.0.5
mozilla seamonkey *
mozilla seamonkey 1.0.3
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 3.5.12
mozilla thunderbird 3.1.3
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla seamonkey 1.1.12
mozilla thunderbird 2.0.0.7
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla thunderbird 0.6
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 0.4
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.3
mozilla firefox 3.0.6
mozilla seamonkey 2.3.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 0.9
mozilla thunderbird 1.5.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 0.10.1
mozilla seamonkey 2.0.12
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla seamonkey 1.1.3
mozilla thunderbird 3.0.5
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 1.0.2
mozilla thunderbird 0.7.1
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla seamonkey 1.0.8
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 3.0.9
mozilla firefox 0.9.2
mozilla seamonkey 1.1.1
mozilla thunderbird 1.5.0.4
mozilla seamonkey 2.
mozilla seamonkey 1.1.14
mozilla thunderbird 2.0.0.20
mozilla thunderbird 0.2
mozilla thunderbird 1.5.0.6
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla seamonkey 1.1.13
mozilla thunderbird 1.0.2
mozilla firefox 0.9
mozilla seamonkey 2.0.13
mozilla firefox 0.4
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 3.0.13
CVE-2011-3671 HIGH

Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allows remote attackers to execute arbitrary code via vectors involving removal of the parent node of an element.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla seamonkey 1.0.99
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 2.0a1pre
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 2.0a1
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2011-3866 MEDIUM

Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly restrict availability of motion data events, which makes it easier for remote attackers to read keystrokes by leveraging JavaScript code running in a background tab.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2011-4688 MEDIUM

Mozilla Firefox 8.0.1 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 8.0
CVE-2011-5094 MEDIUM

Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-1473. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla network_security_services 3.4.2
mozilla network_security_services 3.3
mozilla network_security_services 3.9
mozilla network_security_services 3.4.1
mozilla network_security_services 3.7.7
mozilla network_security_services 3.7.1
mozilla network_security_services 3.2
mozilla network_security_services 3.11.5
mozilla network_security_services 3.2.1
mozilla network_security_services 3.5
mozilla network_security_services 3.11.3
mozilla network_security_services 3.3.2
mozilla network_security_services 3.11.2
mozilla network_security_services 3.7.2
mozilla network_security_services 3.11.4
mozilla network_security_services 3.7.5
mozilla network_security_services 3.7
mozilla network_security_services 3.6.1
mozilla network_security_services 3.8
mozilla network_security_services 3.4
mozilla network_security_services 3.6
mozilla network_security_services 3.3.1
mozilla network_security_services 3.7.3
CVE-2012-0440 MEDIUM

Cross-site request forgery (CSRF) vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 allows remote attackers to hijack the authentication of arbitrary users for requests that use the JSON-RPC API.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla bugzilla 3.5.1
mozilla bugzilla 4.0.3
mozilla bugzilla 3.6.2
mozilla bugzilla 3.6.5
mozilla bugzilla 3.5.3
mozilla bugzilla 3.5
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.6
mozilla bugzilla 4.1
mozilla bugzilla 4.1.3
mozilla bugzilla 3.6
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 4.0.1
mozilla bugzilla 4.0.2
mozilla bugzilla 4.1.1
mozilla bugzilla 4.2
mozilla bugzilla 3.7.3
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.2
mozilla bugzilla 3.6.4
mozilla bugzilla 3.6.3
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0
mozilla bugzilla 4.1.2
mozilla bugzilla 3.6.7
CVE-2012-0441 MEDIUM

The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla network_security_services 3.12.2
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla network_security_services 3.12
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla network_security_services 3.7
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla network_security_services 3.9
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla network_security_services 3.7.5
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla network_security_services 3.7.7
mozilla network_security_services 3.7.1
mozilla firefox 7.0.1
mozilla network_security_services 3.11.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla network_security_services 3.6.1
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla network_security_services 3.7.3
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla network_security_services 3.12.1
mozilla seamonkey 2.7
mozilla network_security_services 3.11.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla network_security_services 3.3.1
mozilla seamonkey 1.1.9
mozilla network_security_services 3.4.2
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla network_security_services 3.2
mozilla network_security_services 3.11.5
mozilla seamonkey 2.3.3
mozilla network_security_services *
mozilla seamonkey 1.0.8
mozilla network_security_services 3.11.2
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla network_security_services 3.2.1
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla network_security_services 3.3.2
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla network_security_services 3.8
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla network_security_services 3.5
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla network_security_services 3.7.2
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla network_security_services 3.4
mozilla network_security_services 3.6
mozilla seamonkey 2.0.4
mozilla network_security_services 3.3
mozilla network_security_services 3.4.1
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0442 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
debian debian_linux 5.0
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
CVE-2012-0443 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.0.8
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 2.
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla seamonkey 2.7
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0444 HIGH

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
debian debian_linux 5.0
canonical ubuntu_linux 11.04
opensuse opensuse 11.4
canonical ubuntu_linux 10.10
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
CVE-2012-0445 MEDIUM

Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.0.8
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla seamonkey 2.7
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0446 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.0.8
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla seamonkey 2.7
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0447 MEDIUM

Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.0.8
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 2.
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla seamonkey 2.7
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0448 MEDIUM

Bugzilla 2.x and 3.x before 3.4.14, 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 does not reject non-ASCII characters in e-mail addresses of new user accounts, which makes it easier for remote authenticated users to spoof other user accounts by choosing a similar e-mail address.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.3
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.0.3
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.6
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
CVE-2012-0449 HIGH

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
debian debian_linux 5.0
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
CVE-2012-0450 LOW

Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.0.8
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 9.0
mozilla seamonkey 1.0.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.7
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0451 MEDIUM

CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web servers to bypass intended Content Security Policy (CSP) restrictions and possibly conduct cross-site scripting (XSS) attacks via crafted HTTP headers.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox_esr 10.1
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox_esr 10.2
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla seamonkey 2.7
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0452 HIGH

Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 10.0
mozilla thunderbird 10.0
mozilla seamonkey 2.7
CVE-2012-0453 MEDIUM

Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in Bugzilla 4.0.2 through 4.0.4 and 4.1.1 through 4.2rc2, when mod_perl is used, allows remote attackers to hijack the authentication of arbitrary users for requests that modify the product's installation via the XML-RPC API.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla bugzilla 4.0.2
mozilla bugzilla 4.1.1
mozilla bugzilla 4.2
mozilla bugzilla 4.0.3
mozilla bugzilla 4.0.4
mozilla bugzilla 4.1.2
mozilla bugzilla 4.1.3
CVE-2012-0454 HIGH

Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving use of the file-open dialog in a child window, related to the IUnknown_QueryService function in the Windows shlwapi.dll library.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox_esr 10.1
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox_esr 10.2
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla seamonkey 2.7
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0455 MEDIUM

Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a "DragAndDropJacking" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla firefox_esr 10.1
mozilla firefox 6.0
mozilla firefox 9.0.1
mozilla firefox_esr 10.2
mozilla firefox *
mozilla firefox 5.0
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox 7.0
mozilla thunderbird_esr 10.0.2
mozilla firefox 9.0
mozilla firefox 4.0
mozilla thunderbird 9.0
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla thunderbird 6.0.1
mozilla firefox 5.0.1
mozilla firefox 6.0.1
mozilla firefox 4.0.1
mozilla thunderbird_esr 10.0.1
mozilla firefox 6.0.2
CVE-2012-0456 MEDIUM

The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla firefox 10.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey 2.7.1
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla seamonkey 1.0.2
mozilla firefox 10.0.1
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla seamonkey -
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.7
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0457 HIGH

Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to execute arbitrary code via an SVG animation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla firefox 10.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey 2.7.1
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla seamonkey 1.0.2
mozilla firefox 10.0.1
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla seamonkey -
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.7
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0458 MEDIUM

Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla firefox 10.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey 2.7.1
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla seamonkey 1.0.2
mozilla firefox 10.0.1
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla seamonkey -
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.7
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0459 HIGH

The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox_esr 10.1
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox_esr 10.2
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla seamonkey 2.7
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0460 MEDIUM

Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a crafted web page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox_esr 10.1
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox_esr 10.2
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla seamonkey 2.7
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0461 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla firefox 10.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey 2.7.1
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla seamonkey 1.0.2
mozilla firefox 10.0.1
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla seamonkey -
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.7
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0462 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox_esr 10.1
mozilla seamonkey 2.3.3
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox_esr 10.2
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla seamonkey 2.7
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0463 HIGH

The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does not check the validity of an instance after event dispatching, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, as demonstrated by Mobile Firefox on Android.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla firefox 10.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey 2.7.1
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla seamonkey 1.0.2
mozilla firefox 10.0.1
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla seamonkey -
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.7
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0464 HIGH

Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code via vectors involving an empty argument to the array.join function in conjunction with the triggering of garbage collection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla firefox 10.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla seamonkey 2.7.1
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla seamonkey 1.0.3
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla seamonkey 1.0.2
mozilla firefox 10.0.1
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla seamonkey 2.6.1
mozilla seamonkey -
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 2.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.3.1
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.7
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 2.4.1
mozilla seamonkey 1.1.9
CVE-2012-0465 MEDIUM

Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1, when the inbound_proxies option is enabled, does not properly validate the X-Forwarded-For HTTP header, which allows remote attackers to bypass the lockout policy via a series of authentication requests with (1) different IP address strings in this header or (2) a long string in this header.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla bugzilla 3.5.1
mozilla bugzilla 4.0.3
mozilla bugzilla 3.6.2
mozilla bugzilla 3.6.5
mozilla bugzilla 3.5.3
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.6
mozilla bugzilla 4.1.3
mozilla bugzilla 3.6.8
mozilla bugzilla 3.6.1
mozilla bugzilla 4.0.1
mozilla bugzilla 4.0.2
mozilla bugzilla 4.1.1
mozilla bugzilla 4.2
mozilla bugzilla 3.7.3
mozilla bugzilla 3.5.2
mozilla bugzilla 4.0.5
mozilla bugzilla 3.7.2
mozilla bugzilla 3.6.4
mozilla bugzilla 3.6.3
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 4.1.2
mozilla bugzilla 3.6.7
CVE-2012-0466 MEDIUM

template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1 does not properly handle multiple logins, which allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive bug information via a crafted web page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.3
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.0.3
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.6
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 4.0.5
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 2.18.7
CVE-2012-0467 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0468 HIGH

The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0469 HIGH

Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0470 HIGH

Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of "different number systems."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0471 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0472 HIGH

The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0473 MEDIUM

The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0474 MEDIUM

Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0475 LOW

Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0477 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0478 HIGH

The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-0479 MEDIUM

Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-1126 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1127 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1128 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1129 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1130 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1131 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1132 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1133 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1134 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1135 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1136 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1137 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1138 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1139 HIGH

Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1140 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1141 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1142 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1143 MEDIUM

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1144 HIGH

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
freetype freetype 2.1.6
freetype freetype 2.4.7
freetype freetype 2.3.8
freetype freetype 1.3.1
freetype freetype 2.1.9
freetype freetype 2.0.7
freetype freetype 2.0.9
freetype freetype 2.3.3
freetype freetype 2.4.0
freetype freetype 2.3.5
mozilla firefox_mobile 4.0
freetype freetype 2.1.7
freetype freetype 2.1.8
mozilla firefox_mobile 6.0.1
mozilla firefox_mobile *
freetype freetype 2.4.6
mozilla firefox_mobile 6.0
mozilla firefox_mobile 10.0.1
freetype freetype 2.0.1
mozilla firefox_mobile 6.0.2
freetype freetype 2.3.0
freetype freetype *
freetype freetype 2.2.0
freetype freetype 2.3.6
freetype freetype 2.2.1
mozilla firefox_mobile 5.0
mozilla firefox_mobile 8.0
freetype freetype 2.3.4
freetype freetype 2.3.10
freetype freetype 2.1.3
freetype freetype 2.4.1
freetype freetype 2.4.2
freetype freetype 2.3.12
mozilla firefox_mobile 9.0
freetype freetype 2.4.3
freetype freetype 2.0.6
freetype freetype 2.1.10
freetype freetype 2.0.8
freetype freetype 2.1.4
freetype freetype 2.0.3
freetype freetype 2.4.5
mozilla firefox_mobile 7.0
freetype freetype 2.3.1
freetype freetype 2.1.5
freetype freetype 2.1
freetype freetype 2.3.7
freetype freetype 2.0.5
mozilla firefox_mobile 10.0
freetype freetype 2.3.2
mozilla firefox_mobile 1.0
freetype freetype 2.0.0
mozilla firefox_mobile 10.0.2
freetype freetype 2.0.2
freetype freetype 2.3.11
freetype freetype 2.3.9
freetype freetype 2.0.4
freetype freetype 2.4.4
CVE-2012-1937 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-1938 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
redhat storage 2.0
redhat enterprise_linux_eus 6.2
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_workstation 5.0
opensuse opensuse 11.4
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-1939 HIGH

jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does not properly determine data types, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted JavaScript code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla firefox 10.0.1
mozilla firefox 10.0
mozilla firefox 10.0.2
mozilla firefox 10.0.4
mozilla thunderbird_esr 10.0.3
mozilla thunderbird_esr 10.0.2
mozilla thunderbird_esr 10.0.1
mozilla firefox 10.0.3
mozilla thunderbird_esr 10.0.4
CVE-2012-1940 HIGH

Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-1941 HIGH

Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-1942 HIGH

The Mozilla Updater and Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allow local users to gain privileges by loading a DLL file in a privileged context.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 12.0
mozilla thunderbird 12.0
mozilla seamonkey 2.9
CVE-2012-1943 MEDIUM

Untrusted search path vulnerability in Updater.exe in the Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allows local users to gain privileges via a Trojan horse wsock32.dll file in an application directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 12.0
mozilla thunderbird 12.0
mozilla seamonkey 2.9
CVE-2012-1944 MEDIUM

The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-1945 LOW

Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-1946 HIGH

Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-1947 HIGH

Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-1948 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1950 MEDIUM

The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 10.0.5
mozilla firefox 7.0.1
mozilla firefox 6.0
mozilla firefox 10.0.3
mozilla firefox 9.0.1
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 6.0.1
mozilla firefox 5.0
mozilla firefox 4.0.1
mozilla firefox 8.0.1
mozilla firefox 10.0.2
mozilla firefox 10.0.4
mozilla firefox 7.0
mozilla firefox 9.0
mozilla firefox 4.0
mozilla firefox 6.0.2
CVE-2012-1951 HIGH

Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1952 HIGH

The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1953 HIGH

The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1954 HIGH

Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1955 MEDIUM

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1957 MEDIUM

An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1958 HIGH

Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1959 MEDIUM

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1961 MEDIUM

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1962 HIGH

Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1963 MEDIUM

The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1964 MEDIUM

The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted clickjacking of the about:certerror page, which allows man-in-the-middle attackers to trick users into adding an unintended exception via an IFRAME element.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1965 MEDIUM

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 10.0.5
mozilla firefox 7.0.1
mozilla firefox 6.0
mozilla firefox 10.0.3
mozilla firefox 9.0.1
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 6.0.1
mozilla firefox 5.0
mozilla firefox 4.0.1
mozilla firefox 8.0.1
mozilla firefox 10.0.2
mozilla firefox 10.0.4
mozilla firefox 7.0
mozilla firefox 9.0
mozilla firefox 4.0
mozilla firefox 6.0.2
CVE-2012-1966 MEDIUM

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 10.0.5
mozilla firefox 7.0.1
mozilla firefox 6.0
mozilla firefox 10.0.3
mozilla firefox 9.0.1
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 6.0.1
mozilla firefox 5.0
mozilla firefox 4.0.1
mozilla firefox 8.0.1
mozilla firefox 10.0.2
mozilla firefox 10.0.4
mozilla firefox 7.0
mozilla firefox 9.0
mozilla firefox 4.0
mozilla firefox 6.0.2
CVE-2012-1967 HIGH

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 10.0.2
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 7.0
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla thunderbird 6.0
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla thunderbird_esr 10.0.5
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla firefox 7.0.1
mozilla thunderbird 9.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla thunderbird 7.0.1
mozilla seamonkey 1.1.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla firefox 10.0.5
mozilla seamonkey 1.1.13
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0.10
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 1.1.9
CVE-2012-1970 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
CVE-2012-1972 HIGH

Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
CVE-2012-1973 HIGH

Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
CVE-2012-1974 HIGH

Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
CVE-2012-1975 HIGH

Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
CVE-2012-1976 HIGH

Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3105 HIGH

The glBufferData function in the WebGL implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not properly mitigate an unspecified flaw in an NVIDIA driver, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a related issue to CVE-2011-3101.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 5.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.6
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 5.0.1
mozilla seamonkey 2.2
mozilla thunderbird 10.0
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird 7.0
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 7.0.1
mozilla firefox 5.0
mozilla seamonkey 1.0.9
mozilla thunderbird_esr 10.0.2
mozilla firefox 4.0
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla thunderbird 6.0.1
mozilla thunderbird 10.0.3
mozilla firefox 10.0.3
mozilla seamonkey 2.7
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird_esr 10.0.3
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla thunderbird 12.0
mozilla seamonkey 1.0.3
mozilla firefox 9.0
mozilla thunderbird 9.0
mozilla seamonkey 1.0.2
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla seamonkey 1.0.6
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.0.4
mozilla seamonkey 2.6.1
mozilla firefox 4.0.1
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.17
mozilla thunderbird 8.0
mozilla thunderbird 9.0.1
mozilla thunderbird 11.0
mozilla thunderbird 10.0.4
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla thunderbird 10.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla firefox 10.0.4
mozilla thunderbird_esr 10.0.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla seamonkey 2.4.1
CVE-2012-3956 HIGH

Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3957 HIGH

Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3958 HIGH

Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla thunderbird_esr 10.0.6
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla thunderbird 3.1.14
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 10.0.3
mozilla thunderbird 1.7.1
mozilla firefox 10.0.3
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird_esr 10.0.3
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 1.0.5
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla thunderbird 12.0
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla thunderbird 9.0
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 9.0.1
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 10.0.4
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.25
mozilla seamonkey 2.10
mozilla seamonkey 2.0.4
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird_esr 10.0.1
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.3
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla seamonkey 2.6
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.11
mozilla thunderbird_esr 10.0.2
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.17
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla thunderbird_esr 10.0.5
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla thunderbird 8.0
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 11.0
mozilla thunderbird 3.0.9
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla firefox 10.0.5
mozilla thunderbird 10.0.2
mozilla thunderbird 1.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2012-3959 HIGH

Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
CVE-2012-3960 HIGH

Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3961 HIGH

Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3962 HIGH

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla thunderbird_esr 10.0.6
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla thunderbird 3.1.14
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 10.0.3
mozilla thunderbird 1.7.1
mozilla firefox 10.0.3
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird_esr 10.0.3
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 1.0.5
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla thunderbird 12.0
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla thunderbird 9.0
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 9.0.1
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 10.0.4
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.25
mozilla seamonkey 2.10
mozilla seamonkey 2.0.4
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird_esr 10.0.1
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.3
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla seamonkey 2.6
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.11
mozilla thunderbird_esr 10.0.2
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.17
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla thunderbird_esr 10.0.5
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla thunderbird 8.0
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 11.0
mozilla thunderbird 3.0.9
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla firefox 10.0.5
mozilla thunderbird 10.0.2
mozilla thunderbird 1.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2012-3963 HIGH

Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3964 HIGH

Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla thunderbird_esr 10.0.6
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla thunderbird 3.1.14
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 10.0.3
mozilla thunderbird 1.7.1
mozilla firefox 10.0.3
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird_esr 10.0.3
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 1.0.5
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla thunderbird 12.0
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla thunderbird 9.0
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 9.0.1
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 10.0.4
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.25
mozilla seamonkey 2.10
mozilla seamonkey 2.0.4
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird_esr 10.0.1
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.3
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla seamonkey 2.6
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.11
mozilla thunderbird_esr 10.0.2
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.17
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla thunderbird_esr 10.0.5
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla thunderbird 8.0
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 11.0
mozilla thunderbird 3.0.9
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla firefox 10.0.5
mozilla thunderbird 10.0.2
mozilla thunderbird 1.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2012-3966 HIGH

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a .ICO file, related to (1) improper handling of the transparency bitmask by the nsICODecoder component and (2) improper processing of the alpha channel by the nsBMPDecoder component.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla thunderbird_esr 10.0.6
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla thunderbird 3.1.14
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 10.0.3
mozilla thunderbird 1.7.1
mozilla firefox 10.0.3
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird_esr 10.0.3
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 1.0.5
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla thunderbird 12.0
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla thunderbird 9.0
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 9.0.1
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 10.0.4
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.25
mozilla seamonkey 2.10
mozilla seamonkey 2.0.4
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird_esr 10.0.1
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.3
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla seamonkey 2.6
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.11
mozilla thunderbird_esr 10.0.2
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.17
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla thunderbird_esr 10.0.5
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla thunderbird 8.0
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 11.0
mozilla thunderbird 3.0.9
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla firefox 10.0.5
mozilla thunderbird 10.0.2
mozilla thunderbird 1.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2012-3967 HIGH

The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3968 HIGH

Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3969 HIGH

Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla thunderbird_esr 10.0.6
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla thunderbird 3.1.14
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 10.0.3
mozilla thunderbird 1.7.1
mozilla firefox 10.0.3
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird_esr 10.0.3
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 1.0.5
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla thunderbird 12.0
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla thunderbird 9.0
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 9.0.1
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 10.0.4
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.25
mozilla seamonkey 2.10
mozilla seamonkey 2.0.4
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird_esr 10.0.1
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.3
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla seamonkey 2.6
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.11
mozilla thunderbird_esr 10.0.2
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.17
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla thunderbird_esr 10.0.5
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla thunderbird 8.0
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 11.0
mozilla thunderbird 3.0.9
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla firefox 10.0.5
mozilla thunderbird 10.0.2
mozilla thunderbird 1.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2012-3970 HIGH

Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving movement of a requiredFeatures attribute from one SVG document to another.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla thunderbird_esr 10.0.6
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla thunderbird 3.1.14
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 10.0.3
mozilla thunderbird 1.7.1
mozilla firefox 10.0.3
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird_esr 10.0.3
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 1.0.5
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla thunderbird 12.0
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla thunderbird 9.0
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 9.0.1
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 10.0.4
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.25
mozilla seamonkey 2.10
mozilla seamonkey 2.0.4
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird_esr 10.0.1
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.3
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla seamonkey 2.6
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.11
mozilla thunderbird_esr 10.0.2
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.17
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla thunderbird_esr 10.0.5
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla thunderbird 8.0
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 11.0
mozilla thunderbird 3.0.9
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla firefox 10.0.5
mozilla thunderbird 10.0.2
mozilla thunderbird 1.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2012-3972 MEDIUM

The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
CVE-2012-3974 MEDIUM

Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla thunderbird_esr 10.0.6
mozilla thunderbird 3.1.18
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla thunderbird 3.1.14
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla thunderbird_esr 10.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 10.0.3
mozilla thunderbird 1.7.1
mozilla firefox 10.0.3
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla thunderbird_esr 10.0.3
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 8.0
mozilla firefox 12.0
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 1.0.5
mozilla firefox 8.0.1
mozilla thunderbird 12.0
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla thunderbird 9.0
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 9.0.1
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 10.0.4
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.25
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird_esr 10.0.1
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.11
mozilla thunderbird_esr 10.0.2
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.17
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla thunderbird_esr 10.0.5
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla thunderbird 3.1.19
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla thunderbird 8.0
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 11.0
mozilla thunderbird 3.0.9
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla firefox 10.0.5
mozilla thunderbird 10.0.2
mozilla thunderbird 1.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2012-3976 MEDIUM

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
redhat enterprise_linux_server_eus 6.3
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3978 MEDIUM

The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla thunderbird_esr 10.0.6
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla thunderbird 3.1.14
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 10.0.3
mozilla thunderbird 1.7.1
mozilla firefox 10.0.3
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird_esr 10.0.3
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 1.0.5
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla thunderbird 12.0
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla thunderbird 9.0
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 9.0.1
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 10.0.4
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.25
mozilla seamonkey 2.10
mozilla seamonkey 2.0.4
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird_esr 10.0.1
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.3
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla seamonkey 2.6
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.0.6
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.11
mozilla thunderbird_esr 10.0.2
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.17
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla thunderbird_esr 10.0.5
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla thunderbird 8.0
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 11.0
mozilla thunderbird 3.0.9
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla firefox 10.0.5
mozilla thunderbird 10.0.2
mozilla thunderbird 1.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2012-3979 MEDIUM

Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 7.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla firefox 3.6.22
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 5.0.1
mozilla firefox_mobile 6.0.2
mozilla firefox 3.6.17
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.24
mozilla firefox_mobile 10.0.2
mozilla firefox 10.0.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox_mobile 10.0.4
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox_mobile 6.0.1
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox_mobile 10.0.1
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla firefox 3.6.19
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
google android *
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox_mobile 10.0
mozilla firefox_mobile 10.0.3
mozilla firefox 10.0.5
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla firefox 6.0.2
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2012-3980 HIGH

The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and triggers an eval operation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla thunderbird_esr 10.0.6
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla thunderbird 3.1.14
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla thunderbird_esr 10.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 10.0.3
mozilla thunderbird 1.7.1
mozilla firefox 10.0.3
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla thunderbird 2.0.0.2
mozilla thunderbird_esr 10.0.3
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 8.0
mozilla firefox 12.0
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 1.0.5
mozilla firefox 8.0.1
mozilla thunderbird 12.0
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla thunderbird 9.0
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 9.0.1
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 10.0.4
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.25
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird_esr 10.0.1
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla firefox 3.6.13
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.11
mozilla thunderbird_esr 10.0.2
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.17
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla thunderbird_esr 10.0.5
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla firefox 1.5.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla thunderbird 8.0
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 11.0
mozilla thunderbird 3.0.9
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla thunderbird 2.0.0.3
mozilla firefox 10.0.5
mozilla thunderbird 10.0.2
mozilla thunderbird 1.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2012-3982 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3986 MEDIUM

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3988 HIGH

Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3990 HIGH

Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3991 HIGH

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have unspecified other impact via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3992 MEDIUM

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3993 HIGH

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an "XrayWrapper pollution" issue.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 10.0
mozilla thunderbird 1.0
mozilla thunderbird 5.0
mozilla firefox 3.6.10
mozilla thunderbird 2.0.0.15
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla thunderbird_esr 10.0.6
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla thunderbird 3.1.2
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla thunderbird 12.0.1
mozilla thunderbird 3.1.14
mozilla thunderbird_esr 10.0.7
mozilla thunderbird 2.0.0.13
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla thunderbird 2.0.0.23
mozilla thunderbird 1.5.0.1
mozilla seamonkey 2.9.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla thunderbird_esr 10.0.4
mozilla seamonkey 2.0.8
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 2.0.0.16
mozilla thunderbird 7.0.1
mozilla thunderbird 2.0
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 3.0.10
mozilla thunderbird 1.0.6
mozilla thunderbird 3.1.13
mozilla firefox 3.6.24
mozilla thunderbird 2.0.0.1
mozilla thunderbird 10.0.3
mozilla thunderbird 1.7.1
mozilla firefox 10.0.3
mozilla thunderbird 2.0.0.0
mozilla thunderbird 2.0.0.6
mozilla firefox 1.5.5
mozilla seamonkey 2.0.7
mozilla thunderbird 2.0.0.2
mozilla thunderbird_esr 10.0.3
mozilla thunderbird 2.0.0.14
mozilla thunderbird 2.0.0.19
mozilla thunderbird 3.1.9
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla thunderbird 13.0.1
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla thunderbird 3.1
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla thunderbird 1.0.5
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 12.0
mozilla thunderbird 2.0.0.12
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla thunderbird 1.7.3
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla thunderbird 9.0
mozilla thunderbird 3.1.3
mozilla thunderbird 6.0.2
mozilla firefox 10.0.1
mozilla thunderbird 6.0
mozilla thunderbird 3.0.8
mozilla firefox 2.0.0.12
mozilla thunderbird 3.1.15
mozilla firefox 3.5.10
mozilla thunderbird 1.0.3
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla thunderbird 2.0.0.11
mozilla thunderbird 2.0.0.7
mozilla thunderbird 14.0
mozilla thunderbird 9.0.1
mozilla thunderbird 1.5.2
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla thunderbird 10.0.4
mozilla thunderbird 1.5.0.3
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 3.6.25
mozilla seamonkey 2.10
mozilla seamonkey 2.0.4
mozilla firefox 10.0.7
mozilla thunderbird 1.5.0.13
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla thunderbird 1.0.8
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla thunderbird 3.1.5
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla thunderbird 3.1.7
mozilla thunderbird_esr 10.0.1
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla thunderbird 1.5.0.14
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla thunderbird 3.1.10
mozilla thunderbird 2.0.0.8
mozilla thunderbird 1.5
mozilla thunderbird 1.5.0.2
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla thunderbird 2.0.0.5
mozilla thunderbird 2.0.0.4
mozilla seamonkey 2.3
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 14.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla seamonkey 2.6
mozilla thunderbird 3.0.6
mozilla thunderbird 3.1.4
mozilla seamonkey 2.11
mozilla firefox 5.0.1
mozilla thunderbird 3.0.11
mozilla firefox 3.6.17
mozilla thunderbird 3.1.6
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla thunderbird 10.0
mozilla thunderbird 13.0
mozilla firefox 3.5.13
mozilla thunderbird 1.0.1
mozilla firefox 1.5.4
mozilla thunderbird 7.0
mozilla thunderbird 2.0.0.22
mozilla firefox 3.0.3
mozilla seamonkey 2.12.1
mozilla seamonkey 2.0.6
mozilla thunderbird 15.0
mozilla firefox 3.5.11
mozilla thunderbird 3.0.2
mozilla thunderbird 3.0.7
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla thunderbird 3.0.3
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla thunderbird 1.0.7
mozilla thunderbird 1.5.0.11
mozilla thunderbird_esr 10.0.2
mozilla thunderbird 11.0.1
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla thunderbird 1.5.0.5
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla thunderbird 2.0.0.18
mozilla seamonkey 2.3.1
mozilla thunderbird 3.0
mozilla thunderbird 3.0.5
mozilla thunderbird 6.0.1
mozilla seamonkey 2.13
mozilla thunderbird 1.5.0.8
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla thunderbird 1.5.0.9
mozilla firefox 3.6.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla thunderbird 1.5.0.10
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla thunderbird 3.1.17
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla thunderbird 3.0.1
mozilla thunderbird 3.1.12
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla thunderbird 3.0.10
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla thunderbird 3.1.1
mozilla firefox 1.0.1
mozilla thunderbird_esr 10.0.5
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla thunderbird 2.0.0.16
mozilla seamonkey 2.10.1
mozilla thunderbird 1.5.1
mozilla thunderbird 3.1.11
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla thunderbird 3.0.4
mozilla thunderbird 1.5.0.7
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla thunderbird 8.0
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla thunderbird 11.0
mozilla thunderbird 3.0.9
mozilla thunderbird 3.1.16
mozilla thunderbird 1.5.0.4
mozilla thunderbird 2.0.0.20
mozilla thunderbird 1.5.0.6
mozilla thunderbird 3.1.8
mozilla thunderbird 2.0.0.9
mozilla thunderbird 1.5.0.12
mozilla firefox 15.0
mozilla thunderbird 2.0.0.3
mozilla firefox 10.0.5
mozilla thunderbird 10.0.2
mozilla thunderbird 1.0.2
mozilla thunderbird 10.0.1
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.1
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla thunderbird 1.0.4
mozilla thunderbird 2.0.0.17
mozilla firefox 1.5.7
mozilla thunderbird 2.0.0.21
mozilla seamonkey 2.0.10
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2012-3994 MEDIUM

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-3995 HIGH

The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-4179 HIGH

Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-4180 HIGH

Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-4181 HIGH

Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
CVE-2012-4182 HIGH

Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-4183 HIGH

Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_sdk 11
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
CVE-2012-4184 MEDIUM

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-4185 HIGH

Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-4186 HIGH

Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-4187 HIGH

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-4188 HIGH

Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_sdk 10
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-4193 MEDIUM

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
suse linux_enterprise_server 10
redhat enterprise_linux_server 6.0
CVE-2012-4194 MEDIUM

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-4195 MEDIUM

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-4196 MEDIUM

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 11.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-4201 MEDIUM

The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-4202 HIGH

Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-4206 MEDIUM

Untrusted search path vulnerability in the installer in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the default downloads directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla firefox 3.6.22
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla firefox 10.0.10
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla firefox 3.6.19
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 15.0
mozilla firefox 10.0.7
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla firefox 6.0.2
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2012-4207 MEDIUM

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-4209 MEDIUM

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-4210 HIGH

The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla firefox 3.6.22
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla firefox 10.0.10
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla firefox 3.6.19
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 15.0
mozilla firefox 10.0.7
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla firefox 6.0.2
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2012-4213 HIGH

Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-4214 HIGH

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-4215 HIGH

Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-4216 HIGH

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5822 MEDIUM

The contribution feature in Zamboni does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the Python urllib2 library.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.4 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N 2.2 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
mozilla zamboni -
CVE-2012-5829 HIGH

Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5830 MEDIUM

Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
suse suse_linux_enterprise_desktop 10
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
redhat enterprise_linux_server_eus 6.3
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
CVE-2012-5833 HIGH

The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5835 HIGH

Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5836 HIGH

Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5837 MEDIUM

The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla firefox 3.6.22
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla firefox 3.6.19
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 15.0
mozilla firefox 16.0.1
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla firefox 6.0.2
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2012-5838 HIGH

The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5839 HIGH

Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5840 HIGH

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5841 MEDIUM

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5842 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 6.0
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5843 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2012-5883 MEDIUM

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore.swf, a similar issue to CVE-2010-4209.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
yahoo yui 2.8.0
mozilla bugzilla 4.0.3
yahoo yui 2.9.0
mozilla bugzilla 4.3
mozilla bugzilla 4.3.2
mozilla bugzilla 4.0.6
mozilla bugzilla 4.1
yahoo yui 2.8.1
mozilla bugzilla 4.1.3
mozilla bugzilla 3.7
mozilla bugzilla 4.2.1
mozilla bugzilla 4.0.1
mozilla bugzilla 4.0.2
mozilla bugzilla 4.1.1
mozilla bugzilla 4.2.3
mozilla bugzilla 4.2
mozilla bugzilla 4.3.3
mozilla bugzilla 3.7.3
mozilla bugzilla 4.2.2
mozilla bugzilla 4.0.5
mozilla bugzilla 4.3.1
mozilla bugzilla 3.7.2
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 4.0
mozilla bugzilla 4.1.2
mozilla bugzilla 4.0.8
mozilla bugzilla 4.0.7
yahoo yui 2.8.2
CVE-2012-5884 MEDIUM

The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows remote attackers to obtain sensitive information about the saved searches of arbitrary users via an XMLRPC request or a JSONRPC request, a different vulnerability than CVE-2012-4198.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla bugzilla 4.3.2
CVE-2013-0744 HIGH

Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0745 HIGH

The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0746 HIGH

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0747 MEDIUM

The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0748 MEDIUM

The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0749 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0750 HIGH

Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0751 MEDIUM

Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla seamonkey 2.0.5
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla seamonkey 1.5.0.8
mozilla firefox 1.0.3
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla seamonkey 1.1.16
mozilla firefox 3.5.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.1.2
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla seamonkey 2.13.2
mozilla seamonkey 2.9.1
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla seamonkey 1.1.19
mozilla firefox 7.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla seamonkey 2.14.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla seamonkey 2.7.2
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla seamonkey 1.1.7
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla firefox 0.7
mozilla seamonkey 1.0.1
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 8.0
mozilla firefox 12.0
mozilla seamonkey 2.0.1
mozilla firefox 1.5.0.6
mozilla seamonkey 2.13.1
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 1.0.3
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla seamonkey 1.0.2
mozilla firefox 10.0.1
mozilla firefox 2.0.0.12
mozilla seamonkey 2.14
mozilla firefox 3.5.10
mozilla seamonkey 1.5.0.9
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla seamonkey 1.0
mozilla firefox 2.0.0.14
mozilla seamonkey 2.0
mozilla firefox 3.5.5
mozilla seamonkey 1.0.5
mozilla firefox 2.0.0.20
mozilla seamonkey 1.1.12
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla seamonkey 2.10
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 1.5.0.1
mozilla seamonkey 2.0.14
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 3.5.8
mozilla seamonkey 2.4.1
mozilla firefox 3.0.8
mozilla seamonkey 2.5
mozilla seamonkey 2.0.3
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla seamonkey 2.3
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla seamonkey 2.3.2
mozilla firefox 14.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla seamonkey 2.0.11
mozilla firefox 3.6.22
mozilla seamonkey 2.6
mozilla seamonkey 2.11
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla seamonkey 2.2
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla seamonkey 1.1.15
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla seamonkey 2.12.1
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla firefox 3.5.11
mozilla seamonkey 2.4
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla seamonkey 1.0.9
mozilla firefox 1.5.8
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla seamonkey 2.3.1
mozilla seamonkey 1.1.3
mozilla seamonkey 2.13
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla seamonkey 2.7
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla seamonkey 2.0.2
mozilla firefox 3.0.2
mozilla seamonkey 1.1.6
mozilla firefox 3.0
mozilla seamonkey 1.1.5
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla seamonkey 1.1.9
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla seamonkey 2.3.3
mozilla seamonkey 1.0.8
mozilla firefox 15.0.1
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla seamonkey 1.0.6
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla seamonkey 1.0.4
mozilla seamonkey 2.10.1
mozilla seamonkey 2.6.1
mozilla firefox 1.5.0.7
mozilla seamonkey 2.0.9
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla seamonkey 1.1.17
mozilla firefox 3.5.4
mozilla seamonkey 2.15
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.14
mozilla firefox 15.0
mozilla seamonkey 1.1.13
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla seamonkey 2.0.13
mozilla firefox 0.4
mozilla seamonkey 2.1
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 1.5.7
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2013-0752 HIGH

Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0753 HIGH

Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0754 HIGH

Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0755 HIGH

Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0756 HIGH

Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0757 HIGH

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0758 HIGH

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0759 MEDIUM

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via vectors involving authentication information in the userinfo field of a URL, in conjunction with a 204 (aka No Content) HTTP status code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0760 HIGH

Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0761 HIGH

Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0762 HIGH

Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0763 HIGH

Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0764 HIGH

The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-326,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0765 HIGH

Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
opensuse opensuse 12.2
mozilla firefox *
canonical ubuntu_linux 12.04
mozilla seamonkey *
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.10
opensuse opensuse 11.4
CVE-2013-0766 HIGH

Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0767 HIGH

The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0768 HIGH

Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0769 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server 6.0
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0770 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0771 HIGH

Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-0772 MEDIUM

The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
CVE-2013-0773 HIGH

The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
debian debian_linux 7.0
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.10
CVE-2013-0774 MEDIUM

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
opensuse opensuse 12.2
mozilla firefox *
canonical ubuntu_linux 12.04
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.10
mozilla thunderbird_esr *
opensuse opensuse 11.4
CVE-2013-0775 HIGH

Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
opensuse opensuse 11.4
debian debian_linux 7.0
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
CVE-2013-0776 MEDIUM

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
opensuse opensuse 11.4
debian debian_linux 7.0
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
CVE-2013-0777 HIGH

Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
opensuse opensuse 12.2
mozilla firefox *
canonical ubuntu_linux 12.04
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.10
mozilla thunderbird_esr *
opensuse opensuse 11.4
CVE-2013-0778 HIGH

The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
opensuse opensuse 12.2
mozilla firefox *
canonical ubuntu_linux 12.04
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.10
mozilla thunderbird_esr *
opensuse opensuse 11.4
CVE-2013-0779 HIGH

The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
opensuse opensuse 12.2
mozilla firefox *
canonical ubuntu_linux 12.04
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.10
mozilla thunderbird_esr *
opensuse opensuse 11.4
CVE-2013-0780 HIGH

Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
opensuse opensuse 11.4
debian debian_linux 7.0
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
CVE-2013-0781 HIGH

Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
opensuse opensuse 12.2
mozilla firefox *
canonical ubuntu_linux 12.04
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.10
mozilla thunderbird_esr *
opensuse opensuse 11.4
CVE-2013-0782 HIGH

Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
opensuse opensuse 11.4
debian debian_linux 7.0
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
CVE-2013-0783 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
redhat enterprise_linux_desktop 6.0
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_aus 5.9
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
opensuse opensuse 11.4
debian debian_linux 7.0
redhat enterprise_linux_eus 6.3
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
CVE-2013-0784 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
opensuse opensuse 12.2
mozilla firefox *
canonical ubuntu_linux 12.04
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.10
mozilla thunderbird_esr *
opensuse opensuse 11.4
CVE-2013-0785 MEDIUM

Cross-site scripting (XSS) vulnerability in show_bug.cgi in Bugzilla before 3.6.13, 3.7.x and 4.0.x before 4.0.10, 4.1.x and 4.2.x before 4.2.5, and 4.3.x and 4.4.x before 4.4rc2 allows remote attackers to inject arbitrary web script or HTML via the id parameter in conjunction with an invalid value of the format parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 4.0.3
mozilla bugzilla 3.6.2
mozilla bugzilla 3.6.5
mozilla bugzilla 4.3
mozilla bugzilla 4.3.2
mozilla bugzilla 4.0.6
mozilla bugzilla 3.6.10
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.1
mozilla bugzilla 4.0.9
mozilla bugzilla 4.1.3
mozilla bugzilla 3.6
mozilla bugzilla 3.6.8
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 4.2.1
mozilla bugzilla 4.0.1
mozilla bugzilla 4.0.2
mozilla bugzilla 4.1.1
mozilla bugzilla 4.2.3
mozilla bugzilla 4.2
mozilla bugzilla 4.3.3
mozilla bugzilla 3.7.3
mozilla bugzilla 4.2.2
mozilla bugzilla *
mozilla bugzilla 3.6.9
mozilla bugzilla 4.0.5
mozilla bugzilla 4.3.1
mozilla bugzilla 3.7.2
mozilla bugzilla 3.6.4
mozilla bugzilla 3.6.3
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 4.0
mozilla bugzilla 4.1.2
mozilla bugzilla 4.0.8
mozilla bugzilla 4.0.7
mozilla bugzilla 4.2.4
mozilla bugzilla 3.6.7
mozilla bugzilla 4.4
CVE-2013-0786 MEDIUM

The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x before 3.6.13 and 3.7.x and 4.0.x before 4.0.10 generates different error messages for invalid product queries depending on whether a product exists, which allows remote attackers to discover private product names by using debug mode for a query.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 2.2
mozilla bugzilla 3.6.10
mozilla bugzilla 2.14.5
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 2.18.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.6.9
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 4.0.8
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 2.14.1
mozilla bugzilla 4.0.3
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 2.14.4
mozilla bugzilla 2.19.2
mozilla bugzilla 2.16.3
mozilla bugzilla 2.9
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 4.0.6
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.9
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 2.16.5
mozilla bugzilla 3.7.3
mozilla bugzilla *
mozilla bugzilla 2.17.4
mozilla bugzilla 4.0.5
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 2.18.6+
mozilla bugzilla 4.0.7
mozilla bugzilla 2.17.2
mozilla bugzilla 2.17.7
mozilla bugzilla 2.22
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.6.5
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 2.17.3
mozilla bugzilla 4.0.1
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.20.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 2.16.8
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
CVE-2013-0787 HIGH

Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 17.0.3
mozilla thunderbird 17.0.1
mozilla seamonkey 2.16
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
CVE-2013-0788 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 17.0.3
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla thunderbird 17.0.2
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla thunderbird_esr 17.0
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla seamonkey 2.4.1
CVE-2013-0789 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.10
mozilla seamonkey 2.4.1
CVE-2013-0790 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service (stack memory corruption and application crash) or possibly execute arbitrary code via unknown vectors involving a plug-in.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 1.0.3
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.0.6
mozilla firefox 1.4.1
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 0.1
mozilla firefox 3.6.22
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 1.0
mozilla firefox 3.6.13
mozilla firefox 3.5.13
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 3.0.3
mozilla firefox 7.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 3.5.11
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 1.0.7
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 1.5.8
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 0.10
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 0.7
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 3.5.6
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 10.0.1
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 2.0.0.12
mozilla firefox 3.6
mozilla firefox 18.0.2
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 3.5.10
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 1.5.0.9
mozilla firefox 3.0.4
mozilla firefox 3.6.19
mozilla firefox 1.5.0.7
mozilla firefox 0.3
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 2.0.0.20
mozilla firefox 1.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 3.0.5
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 0.9.2
mozilla firefox 2.0.0.19
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 16.0.1
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 1.5.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 2.0.0.1
mozilla firefox 3.6.4
mozilla firefox 1.5.7
mozilla firefox 3.5.8
mozilla firefox 6.0.2
mozilla firefox 3.0.8
mozilla firefox 3.0.13
CVE-2013-0791 MEDIUM

The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
mozilla firefox_esr *
redhat enterprise_linux_server_aus 5.9
mozilla network_security_services *
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
oracle vm_server 3.2
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 12.10
redhat enterprise_linux_server 6.0
CVE-2013-0792 MEDIUM

Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.10
mozilla seamonkey 2.4.1
CVE-2013-0793 MEDIUM

Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 17.0.3
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla thunderbird 17.0.2
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla thunderbird_esr 17.0
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla seamonkey 2.4.1
CVE-2013-0794 MEDIUM

Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.10
mozilla seamonkey 2.4.1
CVE-2013-0795 HIGH

The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 17.0.3
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla thunderbird 17.0.2
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla thunderbird_esr 17.0
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla seamonkey 2.4.1
CVE-2013-0796 HIGH

The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox_esr *
mozilla thunderbird_esr *
CVE-2013-0797 MEDIUM

Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows local users to gain privileges via a Trojan horse DLL file in an unspecified directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 17.0.3
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla seamonkey 2.3.2
mozilla thunderbird 17.0.2
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla thunderbird_esr 17.0
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla seamonkey 2.4.1
CVE-2013-0798 MEDIUM

Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the app_tmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which app_tmp is used.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.1
CVE-2013-0799 HIGH

Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain privileges via crafted arguments.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
CVE-2013-0800 MEDIUM

Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.1
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
suse linux_enterprise_software_development_kit 10
canonical ubuntu_linux 12.04
mozilla thunderbird_esr *
opensuse opensuse 11.4
debian debian_linux 7.0
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
canonical ubuntu_linux 11.10
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
opensuse opensuse 12.3
CVE-2013-0801 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird *
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1620 MEDIUM

The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
oracle traffic_director 11.1.1.6.0
oracle glassfish_server 2.1.1
canonical ubuntu_linux 12.04
oracle iplanet_web_server 7.0
redhat enterprise_linux_eus 5.9
oracle enterprise_manager_ops_center 12.2
redhat enterprise_linux_server_aus 5.9
mozilla network_security_services *
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_desktop 5.0
oracle vm_server 3.2
canonical ubuntu_linux 11.10
redhat enterprise_linux_workstation 6.0
oracle opensso 3.0-03
oracle iplanet_web_proxy_server 4.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
oracle enterprise_manager_ops_center 12.1
oracle iplanet_web_server 6.1
oracle traffic_director 11.1.1.7.0
oracle glassfish_communications_server 2.0
canonical ubuntu_linux 12.10
oracle enterprise_manager_ops_center 11.1
CVE-2013-1669 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 19.0.1
CVE-2013-1670 MEDIUM

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird *
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1671 MEDIUM

Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 19.0.1
CVE-2013-1672 MEDIUM

The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird_esr *
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird *
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
CVE-2013-1673 MEDIUM

The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not properly maintain Mozilla Maintenance Service registry entries in certain situations involving upgrades from older Firefox versions, which allows local users to gain privileges by leveraging write access to a "trusted path."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 19.0.1
CVE-2013-1674 HIGH

Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird *
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1675 MEDIUM

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-665,CWE-665,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
mozilla firefox_esr *
canonical ubuntu_linux 13.04
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_for_scientific_computing 6.0
redhat enterprise_linux_for_power_big_endian_eus 6.4_ppc64
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_for_ibm_z_systems_eus 5.9_s390x
mozilla thunderbird *
redhat gluster_storage_server_for_on-premise 2.1
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_for_ibm_z_systems 5.0_s390x
opensuse opensuse 12.3
redhat enterprise_linux_for_ibm_z_systems_eus 6.4_s390x
redhat enterprise_linux_server 6.0
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_for_power_big_endian_eus 5.9_ppc
redhat enterprise_linux_server_eus_from_rhui 6.4
redhat enterprise_linux_server_eus_from_rhui 5.9
redhat enterprise_linux_eus 6.4
canonical ubuntu_linux 12.10
redhat enterprise_linux_for_power_big_endian 5.0_ppc
redhat enterprise_linux_for_ibm_z_systems 6.0_s390x
CVE-2013-1676 HIGH

The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird *
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1677 HIGH

The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird *
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1678 HIGH

The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird *
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1679 HIGH

Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird *
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1680 HIGH

Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird *
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1681 HIGH

Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla thunderbird 17.0.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla thunderbird 17.0
mozilla firefox 19.0.1
mozilla firefox 17.0
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 17.0.4
mozilla thunderbird *
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla thunderbird 17.0.2
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1682 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1683 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 20.0.1
mozilla firefox 19.0.1
CVE-2013-1684 HIGH

Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1685 HIGH

Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1686 HIGH

Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1687 HIGH

The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1688 HIGH

The Profiler implementation in Mozilla Firefox before 22.0 parses untrusted data during UI rendering, which allows user-assisted remote attackers to execute arbitrary JavaScript code via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 20.0.1
mozilla firefox 19.0.1
CVE-2013-1689 MEDIUM

Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 20.0
CVE-2013-1690 HIGH

Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,CWE-119,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 5.9
mozilla firefox_esr *
canonical ubuntu_linux 13.04
redhat enterprise_linux_server_aus 5.9
redhat gluster_storage_server_for_on-premise 2.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla thunderbird_esr *
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 10
redhat enterprise_linux_server_aus 6.4
opensuse opensuse 11.4
redhat enterprise_linux_eus 6.4
suse linux_enterprise_desktop 10
canonical ubuntu_linux 12.10
suse linux_enterprise_server 10
CVE-2013-1692 MEDIUM

Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1693 MEDIUM

The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1694 HIGH

The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1695 MEDIUM

Mozilla Firefox before 22.0 does not properly implement certain DocShell inheritance behavior for the sandbox attribute of an IFRAME element, which allows remote attackers to bypass intended access restrictions via a FRAME element within an IFRAME element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 20.0.1
mozilla firefox 19.0.1
CVE-2013-1696 MEDIUM

Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 20.0.1
mozilla firefox 19.0.1
CVE-2013-1697 HIGH

The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1698 MEDIUM

The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME elements.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 20.0.1
mozilla firefox 19.0.1
CVE-2013-1699 MEDIUM

The Internationalized Domain Name (IDN) display algorithm in Mozilla Firefox before 22.0 does not properly handle the .com, .name, and .net top-level domains, which allows remote attackers to spoof the address bar via unspecified homograph characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 20.0.1
mozilla firefox 19.0.1
CVE-2013-1700 HIGH

The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 20.0.1
mozilla firefox 19.0.1
CVE-2013-1701 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
mozilla seamonkey 2.4.1
CVE-2013-1702 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.10
mozilla seamonkey 2.4.1
CVE-2013-1704 HIGH

Use-after-free vulnerability in the nsINode::GetParentNode function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a DOM modification at the time of a SetBody mutation event.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.10
mozilla seamonkey 2.4.1
CVE-2013-1705 HIGH

Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Certificate Request Message Format (CRMF) request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.10
mozilla seamonkey 2.4.1
CVE-2013-1706 HIGH

Stack-based buffer overflow in maintenanceservice.exe in the Mozilla Maintenance Service in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla firefox 21.0
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.7
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1707 HIGH

Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line to the Mozilla Maintenance Service.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla firefox 21.0
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.7
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1708 MEDIUM

Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.10
mozilla seamonkey 2.4.1
CVE-2013-1709 MEDIUM

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
mozilla seamonkey 2.4.1
CVE-2013-1710 HIGH

The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
mozilla seamonkey 2.4.1
CVE-2013-1711 MEDIUM

The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging access to an unprivileged object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.0.10
mozilla seamonkey 2.4.1
CVE-2013-1712 MEDIUM

Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 allow local users to gain privileges via a Trojan horse DLL in (1) the update directory or (2) the current working directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird_esr 17.0.4
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 20.0.1
mozilla thunderbird 17.0.2
mozilla thunderbird_esr 17.0.6
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla firefox 21.0
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.7
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.3
mozilla thunderbird_esr 17.0.5
CVE-2013-1713 MEDIUM

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
mozilla seamonkey 2.4.1
CVE-2013-1714 MEDIUM

The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
mozilla seamonkey 2.4.1
CVE-2013-1715 MEDIUM

Multiple untrusted search path vulnerabilities in the (1) full installer and (2) stub installer in Mozilla Firefox before 23.0 on Windows allow local users to gain privileges via a Trojan horse DLL in the default downloads directory. NOTE: this issue exists because of an incomplete fix for CVE-2012-4206.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 21.0
mozilla firefox 20.0.1
mozilla firefox 19.0.1
CVE-2013-1717 MEDIUM

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.5
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.3.3
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla seamonkey 2.7.1
mozilla seamonkey 2.9
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla seamonkey 2.3
mozilla firefox 20.0.1
mozilla seamonkey 2.3.2
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.6
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.6.1
mozilla seamonkey 2.13.2
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla seamonkey 2.9.1
mozilla seamonkey 2.2
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.4
mozilla seamonkey 2.7.2
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.8
mozilla seamonkey 2.3.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla seamonkey 2.7
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
mozilla seamonkey 2.4.1
CVE-2013-1718 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-1719 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla thunderbird 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.0.10
CVE-2013-1720 MEDIUM

The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla thunderbird 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.0.10
CVE-2013-1721 HIGH

Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.16.2
mozilla seamonkey 2.19
mozilla seamonkey 2.12.1
mozilla firefox 20.0
mozilla seamonkey 2.17
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 2.13.1
mozilla seamonkey 2.17.1
mozilla firefox *
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.13
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla firefox 19.0.1
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla firefox 19.0
mozilla seamonkey 2.16.1
mozilla seamonkey 2.0.9
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla firefox 21.0
mozilla seamonkey 2.0.10
mozilla seamonkey 2.0.8
CVE-2013-1722 HIGH

Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-1723 MEDIUM

The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla thunderbird 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.0.10
CVE-2013-1724 HIGH

Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla thunderbird 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.0.10
CVE-2013-1725 MEDIUM

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-1726 MEDIUM

Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain privileges by creating a Trojan horse file after MAR signature verification but before MAR use.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-1727 MEDIUM

Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 21.0
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla firefox 19.0.1
mozilla firefox 23.0
CVE-2013-1728 MEDIUM

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla thunderbird 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.0.10
CVE-2013-1729 LOW

The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 21.0
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla firefox 19.0.1
mozilla firefox 23.0
CVE-2013-1730 MEDIUM

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-1731 MEDIUM

Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 21.0
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla firefox 19.0.1
mozilla firefox 23.0
CVE-2013-1732 HIGH

Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-1733 MEDIUM

Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla bugzilla 4.4
CVE-2013-1734 MEDIUM

Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.3
mozilla bugzilla 4.3.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.6.10
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 4.2.1
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.6.9
mozilla bugzilla 4.3.1
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 4.0.8
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.0.3
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 4.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 4.0.6
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.9
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 4.2.3
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 4.0.5
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 4.0.7
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 4.2.5
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 4.3.3
mozilla bugzilla 4.2.2
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
mozilla bugzilla 4.2.4
CVE-2013-1735 HIGH

Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-1736 HIGH

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-1737 MEDIUM

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-1738 HIGH

Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla thunderbird 17.0
mozilla firefox *
mozilla thunderbird *
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.0.10
CVE-2013-1739 MEDIUM

Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla network_security_services 3.14.3
mozilla network_security_services 3.14.1
mozilla network_security_services 3.12.2
mozilla network_security_services 3.12
mozilla network_security_services 3.12.9
mozilla network_security_services 3.14
mozilla network_security_services 3.12.3.2
mozilla network_security_services 3.12.5
mozilla network_security_services *
mozilla network_security_services 3.12.1
mozilla network_security_services 3.12.7
mozilla network_security_services 3.15
mozilla network_security_services 3.12.4
mozilla network_security_services 3.12.11
mozilla network_security_services 3.12.8
mozilla network_security_services 3.12.10
mozilla network_security_services 3.14.2
mozilla network_security_services 3.12.3
mozilla network_security_services 3.12.3.1
mozilla network_security_services 3.12.6
CVE-2013-1740 MEDIUM

The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla network_security_services 3.4.2
mozilla network_security_services 3.14.1
mozilla network_security_services 3.7.7
mozilla network_security_services 3.12.2
mozilla network_security_services 3.15.1
mozilla network_security_services 3.12
mozilla network_security_services 3.7.1
mozilla network_security_services 3.12.9
mozilla network_security_services 3.2
mozilla network_security_services 3.11.5
mozilla network_security_services 3.5
mozilla network_security_services 3.11.3
mozilla network_security_services *
mozilla network_security_services 3.11.2
mozilla network_security_services 3.12.7
mozilla network_security_services 3.15
mozilla network_security_services 3.7.2
mozilla network_security_services 3.12.11
mozilla network_security_services 3.7
mozilla network_security_services 3.12.10
mozilla network_security_services 3.6.1
mozilla network_security_services 3.14.2
mozilla network_security_services 3.4
mozilla network_security_services 3.6
mozilla network_security_services 3.12.3
mozilla network_security_services 3.12.3.1
mozilla network_security_services 3.12.6
mozilla network_security_services 3.7.3
mozilla network_security_services 3.14.3
mozilla network_security_services 3.14.5
mozilla network_security_services 3.3
mozilla network_security_services 3.9
mozilla network_security_services 3.4.1
mozilla network_security_services 3.2.1
mozilla network_security_services 3.14
mozilla network_security_services 3.12.3.2
mozilla network_security_services 3.3.2
mozilla network_security_services 3.12.5
mozilla network_security_services 3.12.1
mozilla network_security_services 3.12.4
mozilla network_security_services 3.11.4
mozilla network_security_services 3.7.5
mozilla network_security_services 3.14.4
mozilla network_security_services 3.12.8
mozilla network_security_services 3.8
mozilla network_security_services 3.3.1
mozilla network_security_services 3.15.2
CVE-2013-1741 HIGH

Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla network_security_services 3.15.1
mozilla network_security_services 3.15
mozilla network_security_services 3.15.2
CVE-2013-1742 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) sortkey parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 3.3
mozilla bugzilla 4.3.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.6.10
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 4.2.1
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.6.9
mozilla bugzilla 4.3.1
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 4.0.8
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.0.3
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 4.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 4.0.6
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.9
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 4.2.3
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 4.0.5
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 4.0.7
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 4.2.5
mozilla bugzilla 2.22.3
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 4.3.3
mozilla bugzilla 4.2.2
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
mozilla bugzilla 4.2.4
CVE-2013-1743 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the (1) summary or (2) real name field. NOTE: this issue exists because of an incomplete fix for CVE-2012-4189.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 4.2.1
mozilla bugzilla 4.1.1
mozilla bugzilla 4.2.3
mozilla bugzilla 4.2
mozilla bugzilla 4.3.3
mozilla bugzilla 4.2.2
mozilla bugzilla 4.3.1
mozilla bugzilla 4.3
mozilla bugzilla 4.3.2
mozilla bugzilla 4.2.5
mozilla bugzilla 4.1
mozilla bugzilla 4.1.2
mozilla bugzilla 4.1.3
mozilla bugzilla 4.2.4
mozilla bugzilla 4.4
CVE-2013-2566 MEDIUM

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-326,

Products Affected

Vendor Product Version
fujitsu m10-4s_firmware *
fujitsu m10-4_firmware *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 13.04
canonical ubuntu_linux 13.10
fujitsu m10-1_firmware *
fujitsu sparc_enterprise_m9000_firmware *
oracle integrated_lights_out_manager_firmware *
oracle communications_application_session_controller *
fujitsu sparc_enterprise_m8000_firmware *
oracle http_server 11.1.1.9.0
mozilla thunderbird_esr *
fujitsu sparc_enterprise_m4000_firmware *
oracle http_server 12.1.3.0.0
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
oracle http_server 12.2.1.2.0
fujitsu sparc_enterprise_m5000_firmware *
fujitsu sparc_enterprise_m3000_firmware *
oracle http_server 11.1.1.7.0
canonical ubuntu_linux 12.10
oracle http_server 12.2.1.1.0
CVE-2013-4227 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the persona_xsrf_token function in persona.module in the Mozilla Persona module 7.x-1.x before 7.x-1.11 for Drupal allows remote attackers to hijack the authentication of aribitrary users via a security token that is not a string data type.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla persona *
CVE-2013-5590 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla firefox 17.0.9
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-5591 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla thunderbird 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla seamonkey 2.0.10
CVE-2013-5592 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 23.0.1
mozilla firefox 21.0
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla firefox 19.0.1
mozilla firefox 23.0
CVE-2013-5593 MEDIUM

The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla thunderbird 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla seamonkey 2.0.10
CVE-2013-5594 MEDIUM

Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2013-5595 MEDIUM

The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla firefox 17.0.9
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-5596 MEDIUM

The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla thunderbird 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla seamonkey 2.0.10
CVE-2013-5597 HIGH

Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla firefox 17.0.9
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-5598 HIGH

PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 19.0.2
mozilla firefox 20.0
mozilla firefox 24.0
mozilla firefox 19.0.1
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox *
mozilla firefox 23.0.1
mozilla firefox_esr 24.0.1
mozilla firefox 24.0.2
mozilla firefox 21.0
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla firefox 24.0.1
mozilla firefox_esr 24.0.2
CVE-2013-5599 HIGH

Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla firefox 17.0.9
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-5600 HIGH

Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla firefox 17.0.9
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-5601 HIGH

Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla firefox 17.0.9
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-5602 HIGH

The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla firefox 17.0.9
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-5603 HIGH

Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla thunderbird 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla seamonkey 2.0.10
CVE-2013-5604 HIGH

The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla firefox 17.0.3
mozilla firefox 20.0
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla firefox 22.0
mozilla thunderbird 17.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla firefox 19.0.2
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 2.14
mozilla seamonkey 2.15.1
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla firefox 17.0.4
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 2.0
mozilla firefox 21.0
mozilla thunderbird_esr 17.0
mozilla firefox 17.0.5
mozilla thunderbird_esr 17.0.3
mozilla firefox_esr 24.0.2
mozilla seamonkey 2.0.8
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla firefox 17.0.9
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla firefox 17.0.6
mozilla thunderbird 17.0
mozilla firefox 17.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 17.0.8
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla firefox 24.0
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla firefox 19.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 2.22
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
CVE-2013-5605 HIGH

Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla network_security_services 3.14.3
mozilla network_security_services 3.14.1
mozilla network_security_services 3.14.4
mozilla network_security_services 3.15.1
mozilla network_security_services 3.14.2
mozilla network_security_services 3.14
mozilla network_security_services 3.15
mozilla network_security_services 3.15.2
CVE-2013-5606 MEDIUM

The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla network_security_services 3.15.1
mozilla network_security_services 3.15
mozilla network_security_services 3.15.2
CVE-2013-5607 HIGH

Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla netscape_portable_runtime 4.9.3
mozilla seamonkey 2.19
mozilla netscape_portable_runtime 4.9.2
mozilla firefox 20.0
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla netscape_portable_runtime 4.8.6
mozilla netscape_portable_runtime 4.6.8
mozilla firefox 19.0.2
mozilla netscape_portable_runtime 4.2
mozilla seamonkey 2.0.11
mozilla firefox 17.0.10
mozilla seamonkey 2.15.1
mozilla netscape_portable_runtime 4.7.2
mozilla seamonkey 2.11
mozilla seamonkey 2.13.2
mozilla netscape_portable_runtime 4.9.1
mozilla netscape_portable_runtime 4.7.5
mozilla firefox 17.0.4
mozilla netscape_portable_runtime 4.9.4
mozilla firefox 21.0
mozilla seamonkey 2.0.8
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 2.0.6
mozilla netscape_portable_runtime 4.8.8
mozilla firefox 17.0.6
mozilla firefox 17.0
mozilla netscape_portable_runtime 4.4.1
mozilla netscape_portable_runtime 4.6.4
mozilla seamonkey 2.0.12
mozilla netscape_portable_runtime 4.9
mozilla netscape_portable_runtime 4.3
mozilla firefox 24.0
mozilla netscape_portable_runtime 4.7
mozilla seamonkey 2.13
mozilla netscape_portable_runtime 4.2.2
mozilla netscape_portable_runtime 4.7.3
mozilla seamonkey 2.16.1
mozilla firefox_esr 24.0.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 2.22
mozilla netscape_portable_runtime 4.7.1
mozilla netscape_portable_runtime 4.9.6
mozilla firefox 17.0.3
mozilla seamonkey 2.0.1
mozilla seamonkey 2.13.1
mozilla netscape_portable_runtime 4.8.2
mozilla firefox 17.0.1
mozilla firefox 17.0.2
mozilla netscape_portable_runtime 4.1.1
mozilla seamonkey 2.17.1
mozilla netscape_portable_runtime 4.6
mozilla seamonkey *
mozilla firefox 23.0.1
mozilla netscape_portable_runtime *
mozilla seamonkey 2.12
mozilla netscape_portable_runtime 4.8.7
mozilla firefox 24.0.2
mozilla firefox 20.0.1
mozilla netscape_portable_runtime 4.8.4
mozilla firefox 22.0
mozilla netscape_portable_runtime 4.6.2
mozilla netscape_portable_runtime 4.6.1
mozilla netscape_portable_runtime 4.7.6
mozilla seamonkey 2.18
mozilla seamonkey 2.14
mozilla netscape_portable_runtime 4.9.5
mozilla seamonkey 2.10.1
mozilla firefox 23.0
mozilla firefox 19.0
mozilla firefox 17.0.7
mozilla seamonkey 2.0.9
mozilla netscape_portable_runtime 4.1.2
mozilla seamonkey 2.0
mozilla netscape_portable_runtime 4.8
mozilla firefox 17.0.5
mozilla firefox_esr 24.0.2
mozilla netscape_portable_runtime 4.10
mozilla seamonkey 2.17
mozilla seamonkey 2.15
mozilla firefox 17.0.9
mozilla netscape_portable_runtime 4.8.5
mozilla seamonkey 2.16
mozilla netscape_portable_runtime 4.5.1
mozilla firefox *
mozilla firefox 17.0.8
mozilla netscape_portable_runtime 4.6.6
mozilla firefox 24.0.1
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.0.4
mozilla netscape_portable_runtime 4.6.3
mozilla netscape_portable_runtime 4.8.9
mozilla netscape_portable_runtime 4.6.5
mozilla netscape_portable_runtime 4.8.3
mozilla firefox 19.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla netscape_portable_runtime 4.7.4
mozilla seamonkey 2.0.10
mozilla netscape_portable_runtime 4.6.7
CVE-2013-5609 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.04
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
fedoraproject fedora 19
suse suse_linux_enterprise_desktop 11
fedoraproject fedora 18
canonical ubuntu_linux 12.10
CVE-2013-5610 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 13.04
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
mozilla firefox *
fedoraproject fedora 19
mozilla seamonkey *
oracle solaris 11.3
suse linux_enterprise_desktop 11
fedoraproject fedora 18
suse linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
fedoraproject fedora 20
CVE-2013-5611 MEDIUM

Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
suse linux_enterprise_software_development_kit 11
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 7.0.1
opensuse_project opensuse 11.4
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
fedoraproject fedora 19
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
canonical ubuntu_linux 13.04
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
canonical ubuntu_linux 12.10
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
opensuse_project opensuse 12.3
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
fedoraproject fedora 20
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
oracle solaris 11.3
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 1.0.7
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
canonical ubuntu_linux 13.10
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
suse linux_enterprise_server 11
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
suse linux_enterprise_desktop 11
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2013-5612 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 13.04
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
fedoraproject fedora 19
oracle solaris 11.3
canonical ubuntu_linux 12.10
CVE-2013-5613 HIGH

Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.04
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
fedoraproject fedora 19
suse suse_linux_enterprise_desktop 11
fedoraproject fedora 18
canonical ubuntu_linux 12.10
CVE-2013-5614 MEDIUM

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 13.04
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
fedoraproject fedora 19
oracle solaris 11.3
canonical ubuntu_linux 12.10
CVE-2013-5615 HIGH

The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.04
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
fedoraproject fedora 19
mozilla seamonkey *
mozilla thunderbird *
suse suse_linux_enterprise_desktop 11
fedoraproject fedora 18
suse suse_linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
fedoraproject fedora 20
CVE-2013-5616 HIGH

Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.04
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
fedoraproject fedora 19
suse suse_linux_enterprise_desktop 11
fedoraproject fedora 18
canonical ubuntu_linux 12.10
CVE-2013-5618 HIGH

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.04
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
fedoraproject fedora 19
suse suse_linux_enterprise_desktop 11
fedoraproject fedora 18
canonical ubuntu_linux 12.10
CVE-2013-5619 HIGH

Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 13.04
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
mozilla firefox *
fedoraproject fedora 19
mozilla seamonkey *
oracle solaris 11.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
canonical ubuntu_linux 12.10
fedoraproject fedora 20
CVE-2013-6167 MEDIUM

Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2013-6629 MEDIUM

The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 10.04
opensuse opensuse 12.2
artifex gpl_ghostscript *
canonical ubuntu_linux 12.04
google chrome *
mozilla firefox_esr *
canonical ubuntu_linux 13.04
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
debian debian_linux 7.0
mozilla firefox *
fedoraproject fedora 19
mozilla seamonkey *
mozilla thunderbird *
oracle solaris 11.3
fedoraproject fedora 18
libjpeg-turbo libjpeg-turbo *
canonical ubuntu_linux 12.10
debian debian_linux 8.0
opensuse opensuse 12.3
fedoraproject fedora 20
CVE-2013-6671 HIGH

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.04
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
fedoraproject fedora 19
suse suse_linux_enterprise_desktop 11
fedoraproject fedora 18
canonical ubuntu_linux 12.10
CVE-2013-6672 MEDIUM

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
canonical ubuntu_linux 13.04
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
mozilla firefox *
fedoraproject fedora 19
mozilla seamonkey *
oracle solaris 11.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
fedoraproject fedora 20
CVE-2013-6673 MEDIUM

Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.04
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
fedoraproject fedora 19
mozilla seamonkey *
mozilla thunderbird *
suse linux_enterprise_desktop 11
fedoraproject fedora 18
suse linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
fedoraproject fedora 20
CVE-2013-6674 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in an IFRAME element, a related issue to CVE-2014-2018.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.9
mozilla thunderbird_esr 17.0.10
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla seamonkey 1.0.3
mozilla thunderbird 17.0.2
mozilla seamonkey 1.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.14
mozilla seamonkey 1.0.6
mozilla seamonkey 2.15.1
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 1.1.2
mozilla seamonkey 2.13.2
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird_esr 17.0
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 1.1.19
mozilla seamonkey 2.17
mozilla seamonkey 1.1.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 17.0
mozilla seamonkey 1.1.1
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2014-1477 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
fedoraproject fedora 19
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
CVE-2014-1478 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
mozilla seamonkey *
canonical ubuntu_linux 13.10
oracle solaris 11.3
opensuse opensuse 13.1
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
opensuse opensuse 11.4
CVE-2014-1479 MEDIUM

The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
fedoraproject fedora 19
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
CVE-2014-1480 MEDIUM

The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
oracle solaris 11.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
CVE-2014-1481 MEDIUM

Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
fedoraproject fedora 19
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
CVE-2014-1482 HIGH

RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
fedoraproject fedora 19
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
CVE-2014-1483 MEDIUM

Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
mozilla seamonkey *
oracle solaris 11.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
CVE-2014-1484 MEDIUM

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
suse linux_enterprise_software_development_kit 11
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
opensuse_project opensuse 12.3
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
oracle solaris 11.3
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 1.0.7
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
suse linux_enterprise_server 11
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
suse linux_enterprise_desktop 11
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2014-1485 HIGH

The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
mozilla firefox *
mozilla seamonkey *
oracle solaris 11.3
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
CVE-2014-1486 HIGH

Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 11.4
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
fedoraproject fedora 19
mozilla seamonkey *
mozilla thunderbird *
suse suse_linux_enterprise_desktop 11
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
CVE-2014-1487 MEDIUM

The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
fedoraproject fedora 19
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
CVE-2014-1488 HIGH

The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
mozilla firefox *
canonical ubuntu_linux 12.04
mozilla seamonkey *
canonical ubuntu_linux 13.10
oracle solaris 11.3
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
suse linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
CVE-2014-1489 MEDIUM

Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
suse linux_enterprise_software_development_kit 11
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
canonical ubuntu_linux 12.10
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
opensuse_project opensuse 12.3
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
oracle solaris 11.3
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 1.0.7
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
canonical ubuntu_linux 13.10
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
suse linux_enterprise_server 11
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
suse linux_enterprise_desktop 11
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2014-1490 HIGH

Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-362,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.10
oracle enterprise_manager_ops_center 12.2.0
opensuse opensuse 13.1
mozilla network_security_services *
oracle enterprise_manager_ops_center 12.2.1
oracle enterprise_manager_ops_center 12.3.0
opensuse opensuse 11.4
debian debian_linux 7.0
mozilla firefox *
fedoraproject fedora 19
oracle vm_server 3.2
mozilla seamonkey *
mozilla thunderbird *
oracle enterprise_manager_ops_center *
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
fedoraproject fedora 20
CVE-2014-1491 MEDIUM

Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-326,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.10
oracle enterprise_manager_ops_center 12.2.0
opensuse opensuse 13.1
mozilla network_security_services *
oracle enterprise_manager_ops_center 12.2.1
oracle enterprise_manager_ops_center 12.3.0
opensuse opensuse 11.4
debian debian_linux 7.0
mozilla firefox *
fedoraproject fedora 19
oracle vm_server 3.2
mozilla seamonkey *
mozilla thunderbird *
oracle enterprise_manager_ops_center *
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
canonical ubuntu_linux 12.10
debian debian_linux 8.0
opensuse opensuse 12.3
fedoraproject fedora 20
CVE-2014-1492 MEDIUM

The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla network_security_services 3.4.2
mozilla network_security_services 3.12.2
mozilla network_security_services 3.15.1
mozilla network_security_services 3.12
mozilla network_security_services 3.12.9
mozilla network_security_services 3.2
mozilla network_security_services 3.11.5
mozilla network_security_services *
mozilla network_security_services 3.11.2
mozilla network_security_services 3.12.7
mozilla network_security_services 3.12.11
mozilla network_security_services 3.7
mozilla network_security_services 3.14.2
mozilla network_security_services 3.12.3.1
mozilla network_security_services 3.12.6
mozilla network_security_services 3.14.3
mozilla network_security_services 3.9
mozilla network_security_services 3.2.1
mozilla network_security_services 3.14
mozilla network_security_services 3.3.2
mozilla network_security_services 3.7.5
mozilla network_security_services 3.15.3
mozilla network_security_services 3.14.4
mozilla network_security_services 3.8
mozilla network_security_services 3.15.2
mozilla network_security_services 3.14.1
mozilla network_security_services 3.7.7
mozilla network_security_services 3.7.1
mozilla network_security_services 3.5
mozilla network_security_services 3.11.3
mozilla network_security_services 3.15
mozilla network_security_services 3.7.2
mozilla network_security_services 3.12.10
mozilla network_security_services 3.6.1
mozilla network_security_services 3.4
mozilla network_security_services 3.6
mozilla network_security_services 3.12.3
mozilla network_security_services 3.7.3
mozilla network_security_services 3.14.5
mozilla network_security_services 3.3
mozilla network_security_services 3.4.1
mozilla network_security_services 3.15.3.1
mozilla network_security_services 3.15.4
mozilla network_security_services 3.12.3.2
mozilla network_security_services 3.12.5
mozilla network_security_services 3.12.1
mozilla network_security_services 3.12.4
mozilla network_security_services 3.11.4
mozilla network_security_services 3.12.8
mozilla network_security_services 3.3.1
CVE-2014-1493 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1494 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
mozilla firefox *
mozilla seamonkey *
opensuse_project opensuse 12.3
oracle solaris 11.3
suse linux_enterprise_desktop 11
opensuse_project opensuse 11.4
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2014-1496 LOW

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-269,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
suse suse_linux_enterprise_desktop 11
mozilla firefox_esr *
suse suse_linux_enterprise_server 11
CVE-2014-1497 MEDIUM

The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1498 MEDIUM

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-347,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
mozilla firefox *
mozilla seamonkey *
opensuse_project opensuse 12.3
oracle solaris 11.3
suse linux_enterprise_desktop 11
opensuse_project opensuse 11.4
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2014-1499 MEDIUM

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
mozilla firefox *
mozilla seamonkey *
opensuse_project opensuse 12.3
oracle solaris 11.3
suse linux_enterprise_desktop 11
opensuse_project opensuse 11.4
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2014-1500 MEDIUM

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
mozilla firefox *
mozilla seamonkey *
opensuse_project opensuse 12.3
oracle solaris 11.3
suse linux_enterprise_desktop 11
opensuse_project opensuse 11.4
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2014-1501 MEDIUM

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
suse linux_enterprise_software_development_kit 11
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
oracle solaris 11.3
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 1.0.7
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
suse linux_enterprise_server 11
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
suse linux_enterprise_desktop 11
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2014-1502 MEDIUM

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
mozilla firefox *
mozilla seamonkey *
opensuse_project opensuse 12.3
oracle solaris 11.3
suse linux_enterprise_desktop 11
opensuse_project opensuse 11.4
opensuse opensuse 13.1
suse linux_enterprise_server 11
CVE-2014-1504 LOW

The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
suse linux_enterprise_sdk 11
oracle solaris 11.3
suse linux_enterprise_desktop 11
opensuse opensuse 13.1
suse linux_enterprise_server 11
opensuse opensuse 12.3
opensuse opensuse 11.4
CVE-2014-1505 MEDIUM

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
novell suse_linux_enterprise_software_development_kit 11.0
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1506 MEDIUM

Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
oracle solaris 11.3
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 1.0.7
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2014-1507 HIGH

Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
mozilla firefoxos *
oracle solaris 11.3
CVE-2014-1508 MEDIUM

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1509 MEDIUM

Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 12.04
mozilla firefox_esr *
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
opensuse opensuse 11.4
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
suse suse_linux_enterprise_desktop 11
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
canonical ubuntu_linux 12.10
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
CVE-2014-1510 HIGH

The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1511 HIGH

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1512 HIGH

Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1513 HIGH

TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1514 HIGH

vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
suse suse_linux_enterprise_software_development_kit 11.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
opensuse opensuse 11.4
suse suse_linux_enterprise_desktop 11
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1515 LOW

Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2014-1516 MEDIUM

The saltProfileName function in base/GeckoProfileDirectories.java in Mozilla Firefox through 28.0.1 on Android relies on Android's weak approach to seeding the Math.random function, which makes it easier for attackers to bypass a profile-randomization protection mechanism via a crafted application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2014-1517 MEDIUM

The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then submit a vulnerability report, related to a "login CSRF" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 4.4.2
mozilla bugzilla 3.3
mozilla bugzilla 4.3.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.6.10
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 4.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
fedoraproject fedora 20
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 4.2.1
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.6.9
mozilla bugzilla 4.3.1
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 4.2.8
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 4.0.8
mozilla bugzilla 4.4.1
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.0.3
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 4.2.6
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 4.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.0.13
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 4.5.1
mozilla bugzilla 4.5.2
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
fedoraproject fedora 19
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 4.0.12
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 4.0.6
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.11
mozilla bugzilla 4.0.9
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 4.2.3
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 4.0.5
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 4.0.7
mozilla bugzilla 4.2.7
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 4.2.5
mozilla bugzilla 2.22.3
mozilla bugzilla 4.2.9
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 4.3.3
mozilla bugzilla 4.2.2
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
mozilla bugzilla 4.2.4
CVE-2014-1518 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
opensuse opensuse 11.4
fedoraproject fedora 19
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1519 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 19
canonical ubuntu_linux 12.04
mozilla seamonkey *
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 12.10
canonical ubuntu_linux 14.04
opensuse opensuse 12.3
fedoraproject fedora 20
CVE-2014-1520 MEDIUM

maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 19
mozilla firefox_esr *
fedoraproject fedora 20
CVE-2014-1522 HIGH

The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 19
canonical ubuntu_linux 12.04
mozilla seamonkey *
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 12.10
canonical ubuntu_linux 14.04
opensuse opensuse 12.3
CVE-2014-1523 MEDIUM

Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
opensuse opensuse 11.4
fedoraproject fedora 19
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1524 HIGH

The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
opensuse opensuse 11.4
fedoraproject fedora 19
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1525 HIGH

The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 19
canonical ubuntu_linux 12.04
mozilla seamonkey *
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 12.10
canonical ubuntu_linux 14.04
opensuse opensuse 12.3
CVE-2014-1526 MEDIUM

The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 19
canonical ubuntu_linux 12.04
mozilla seamonkey *
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 12.10
canonical ubuntu_linux 14.04
opensuse opensuse 12.3
CVE-2014-1527 MEDIUM

Mozilla Firefox before 29.0 on Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses DOM events to prevent the reemergence of the actual address bar after scrolling has taken it off of the screen.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
fedoraproject fedora 19
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
oracle solaris 11.3
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 1.0.7
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
CVE-2014-1528 HIGH

The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
fedoraproject fedora 19
canonical ubuntu_linux 12.04
canonical ubuntu_linux 13.10
mozilla seamonkey 2.25
opensuse_project opensuse 12.3
oracle solaris 11.3
opensuse opensuse 13.1
mozilla firefox 28.0
canonical ubuntu_linux 12.10
canonical ubuntu_linux 14.04
CVE-2014-1529 HIGH

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
opensuse opensuse 11.4
fedoraproject fedora 19
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1530 MEDIUM

The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
opensuse opensuse 11.4
fedoraproject fedora 19
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1531 HIGH

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
opensuse opensuse 11.4
fedoraproject fedora 19
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1532 HIGH

Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox_esr *
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_tus 6.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
opensuse opensuse 12.3
fedoraproject fedora 20
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_eus 6.5
suse suse_linux_enterprise_server 10
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_aus 6.5
canonical ubuntu_linux 13.10
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
opensuse opensuse 11.4
fedoraproject fedora 19
canonical ubuntu_linux 12.10
debian debian_linux 8.0
CVE-2014-1533 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 24.0
mozilla firefox 24.1.0
mozilla firefox 24.1.1
mozilla firefox_esr 24.5
mozilla firefox *
mozilla firefox_esr 24.4
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla firefox 24.0.2
mozilla firefox_esr 24.3
mozilla firefox 24.0.1
mozilla firefox_esr 24.0.2
CVE-2014-1534 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2014-1536 HIGH

The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2014-1537 HIGH

Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2014-1538 HIGH

Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 24.0.1
mozilla firefox 24.0
mozilla thunderbird 24.4
mozilla firefox 24.1.0
mozilla thunderbird 24.3
mozilla firefox 24.1.1
mozilla firefox_esr 24.5
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr 24.4
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla firefox 24.0.2
mozilla firefox_esr 24.3
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla firefox_esr 24.0.2
mozilla thunderbird 24.2
CVE-2014-1539 MEDIUM

Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 24.0.1
mozilla thunderbird *
mozilla thunderbird 24.4
mozilla thunderbird 24.5
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.0
mozilla thunderbird 24.3
mozilla thunderbird 24.2
CVE-2014-1540 HIGH

Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2014-1541 HIGH

Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 24.0.1
mozilla firefox 24.0
mozilla thunderbird 24.4
mozilla firefox 24.1.0
mozilla thunderbird 24.3
mozilla firefox 24.1.1
mozilla firefox_esr 24.5
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr 24.4
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla firefox 24.0.2
mozilla firefox_esr 24.3
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla firefox_esr 24.0.2
mozilla thunderbird 24.2
CVE-2014-1542 MEDIUM

Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse_project opensuse 12.3
oracle solaris 11.3
opensuse opensuse 13.1
CVE-2014-1543 HIGH

Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2014-1544 HIGH

Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla network_security_services 3.4.2
mozilla thunderbird 24.4
mozilla network_security_services 3.12.2
mozilla network_security_services 3.15.1
mozilla network_security_services 3.12
mozilla network_security_services 3.12.9
mozilla network_security_services 3.2
mozilla network_security_services 3.11.5
mozilla network_security_services 3.11.2
mozilla network_security_services 3.12.7
mozilla network_security_services 3.12.11
mozilla firefox_esr 24.4
mozilla thunderbird 24.5
mozilla network_security_services 3.7
mozilla firefox 24.0.2
mozilla network_security_services 3.14.2
mozilla network_security_services 3.12.3.1
mozilla network_security_services 3.12.6
mozilla network_security_services 3.14.3
mozilla network_security_services 3.9
mozilla thunderbird 24.0.1
mozilla firefox 24.1.0
mozilla network_security_services 3.2.1
mozilla network_security_services 3.14
mozilla network_security_services 3.3.2
mozilla firefox 24.1.1
mozilla network_security_services 3.7.5
mozilla network_security_services 3.15.3
mozilla network_security_services 3.14.4
mozilla firefox_esr 24.3
mozilla network_security_services 3.8
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla firefox_esr 24.0.2
mozilla network_security_services 3.15.2
mozilla network_security_services 3.14.1
mozilla network_security_services 3.7.7
mozilla network_security_services 3.7.1
mozilla network_security_services 3.5
mozilla network_security_services 3.11.3
mozilla thunderbird 24.3
mozilla network_security_services 3.15
mozilla network_security_services 3.7.2
mozilla firefox_esr 24.5
mozilla firefox *
mozilla thunderbird *
mozilla network_security_services 3.12.10
mozilla network_security_services 3.6.1
mozilla network_security_services 3.4
mozilla network_security_services 3.6
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla network_security_services 3.12.3
mozilla network_security_services 3.7.3
mozilla thunderbird 24.2
mozilla network_security_services 3.14.5
mozilla network_security_services 3.16
mozilla network_security_services 3.3
mozilla network_security_services 3.4.1
mozilla firefox 24.0
mozilla network_security_services 3.15.3.1
mozilla network_security_services 3.15.4
mozilla network_security_services 3.12.3.2
mozilla firefox_esr 24.6
mozilla network_security_services 3.12.5
mozilla network_security_services 3.12.1
mozilla network_security_services 3.15.5
mozilla network_security_services 3.12.4
mozilla network_security_services 3.11.4
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla network_security_services 3.12.8
mozilla network_security_services 3.3.1
CVE-2014-1545 HIGH

Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla netscape_portable_runtime 4.9.3
mozilla netscape_portable_runtime 4.9.2
mozilla netscape_portable_runtime 4.9.6
mozilla netscape_portable_runtime 4.8.5
mozilla netscape_portable_runtime 4.8.2
mozilla netscape_portable_runtime 4.5.1
mozilla netscape_portable_runtime 4.8.8
mozilla netscape_portable_runtime 4.10.4
mozilla netscape_portable_runtime 4.1.1
mozilla netscape_portable_runtime 4.4.1
mozilla netscape_portable_runtime 4.6
mozilla netscape_portable_runtime 4.8.6
mozilla netscape_portable_runtime *
mozilla netscape_portable_runtime 4.8.7
mozilla netscape_portable_runtime 4.10.2
mozilla netscape_portable_runtime 4.6.6
mozilla netscape_portable_runtime 4.8.4
mozilla netscape_portable_runtime 4.6.4
mozilla netscape_portable_runtime 4.6.8
mozilla netscape_portable_runtime 4.6.2
mozilla netscape_portable_runtime 4.6.1
mozilla netscape_portable_runtime 4.10.3
mozilla netscape_portable_runtime 4.7.6
mozilla netscape_portable_runtime 4.9
mozilla netscape_portable_runtime 4.2
mozilla netscape_portable_runtime 4.3
mozilla netscape_portable_runtime 4.6.3
mozilla netscape_portable_runtime 4.8.9
mozilla netscape_portable_runtime 4.7
mozilla netscape_portable_runtime 4.9.5
mozilla netscape_portable_runtime 4.7.2
mozilla netscape_portable_runtime 4.6.5
mozilla netscape_portable_runtime 4.2.2
mozilla netscape_portable_runtime 4.7.3
mozilla netscape_portable_runtime 4.8.3
mozilla netscape_portable_runtime 4.9.1
mozilla netscape_portable_runtime 4.7.5
mozilla netscape_portable_runtime 4.10.1
mozilla netscape_portable_runtime 4.9.4
mozilla netscape_portable_runtime 4.1.2
mozilla netscape_portable_runtime 4.7.4
mozilla netscape_portable_runtime 4.8
mozilla netscape_portable_runtime 4.7.1
mozilla netscape_portable_runtime 4.6.7
mozilla netscape_portable_runtime 4.10
CVE-2014-1546 MEDIUM

The response function in the JSONP endpoint in WebService/Server/JSONRPC.pm in jsonrpc.cgi in Bugzilla 3.x and 4.x before 4.0.14, 4.1.x and 4.2.x before 4.2.10, 4.3.x and 4.4.x before 4.4.5, and 4.5.x before 4.5.5 accepts certain long callback values and does not restrict the initial bytes of a JSONP response, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive information, via a crafted OBJECT element with SWF content consistent with the _bz_callback character set.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 3.4.2
mozilla bugzilla 4.4.2
mozilla bugzilla 3.3
mozilla bugzilla 4.3.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.6.10
mozilla bugzilla 4.4.4
mozilla bugzilla 3.1.3
mozilla bugzilla 4.5
mozilla bugzilla 3.0.11
mozilla bugzilla 3.6.8
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 4.2.1
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 4.5.4
mozilla bugzilla 3.6.9
mozilla bugzilla 4.3.1
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 3.0.1
mozilla bugzilla 4.2.8
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 4.0.8
mozilla bugzilla 4.4.1
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 3.0.5
mozilla bugzilla 4.0.3
mozilla bugzilla 3.0.10
mozilla bugzilla 3.0
mozilla bugzilla 4.2.6
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 4.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 4.0.13
mozilla bugzilla 4.1
mozilla bugzilla 3.4.3
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 4.5.1
mozilla bugzilla 4.5.2
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 4.0.12
mozilla bugzilla 3.6.7
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 3.4.7
mozilla bugzilla 4.0.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.11
mozilla bugzilla 4.0.9
mozilla bugzilla 4.1.3
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 4.2.3
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 3.5.2
mozilla bugzilla 4.0.5
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 4.5.3
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 4.0.7
mozilla bugzilla 4.2.7
mozilla bugzilla 3.2.10
mozilla bugzilla 3.5.1
mozilla bugzilla 3.4.8
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 4.2.5
mozilla bugzilla 4.2.9
mozilla bugzilla 3.0.6
mozilla bugzilla 3.1.1
mozilla bugzilla 3.4.4
mozilla bugzilla 4.4.3
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 3.3.1
mozilla bugzilla 4.3.3
mozilla bugzilla 4.2.2
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 3.2.6
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 4.2.4
CVE-2014-1547 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 24.0.1
mozilla firefox 24.0
mozilla thunderbird 24.4
mozilla firefox 24.1.0
mozilla firefox_esr 24.6
mozilla thunderbird 24.3
mozilla firefox 24.1.1
mozilla firefox_esr 24.5
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr 24.4
mozilla thunderbird 24.5
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla firefox 24.0.2
mozilla firefox_esr 24.3
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla firefox_esr 24.0.2
mozilla thunderbird 24.2
CVE-2014-1548 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 24.6
mozilla firefox *
mozilla thunderbird 24.0.1
mozilla thunderbird *
mozilla thunderbird 24.4
mozilla thunderbird 24.5
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.0
mozilla thunderbird 24.3
mozilla thunderbird 24.2
CVE-2014-1549 HIGH

The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla thunderbird 24.6
mozilla firefox *
mozilla thunderbird 24.0.1
mozilla thunderbird *
mozilla thunderbird 24.4
mozilla thunderbird 24.5
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.0
mozilla thunderbird 24.3
mozilla thunderbird 24.2
CVE-2014-1550 HIGH

Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 24.6
mozilla firefox *
mozilla thunderbird 24.0.1
mozilla thunderbird *
mozilla thunderbird 24.4
mozilla thunderbird 24.5
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.0
mozilla thunderbird 24.3
mozilla thunderbird 24.2
CVE-2014-1551 HIGH

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 24.0.1
mozilla firefox 24.0
mozilla thunderbird 24.4
mozilla firefox 24.1.0
mozilla firefox_esr 24.6
mozilla thunderbird 24.3
mozilla firefox 24.1.1
mozilla firefox_esr 24.5
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr 24.4
mozilla thunderbird 24.5
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla firefox 24.0.2
mozilla firefox_esr 24.3
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla firefox_esr 24.0.2
mozilla thunderbird 24.2
CVE-2014-1552 MEDIUM

Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla thunderbird 24.6
mozilla firefox *
mozilla thunderbird 24.0.1
mozilla thunderbird *
mozilla thunderbird 24.4
mozilla thunderbird 24.5
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.0
mozilla thunderbird 24.3
mozilla thunderbird 24.2
CVE-2014-1553 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 31.0
mozilla firefox 30.0
opensuse opensuse 13.1
opensuse evergreen 11.4
opensuse opensuse 12.3
mozilla firefox 31.0
CVE-2014-1554 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 30.0
mozilla firefox 31.0
CVE-2014-1555 HIGH

Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 24.0.1
mozilla firefox 24.0
mozilla thunderbird 24.4
mozilla firefox 24.1.0
mozilla firefox_esr 24.6
mozilla thunderbird 24.3
mozilla firefox 24.1.1
mozilla firefox_esr 24.5
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr 24.4
mozilla thunderbird 24.5
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla firefox 24.0.2
mozilla firefox_esr 24.3
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla firefox_esr 24.0.2
mozilla thunderbird 24.2
CVE-2014-1556 HIGH

Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla thunderbird 24.0.1
mozilla firefox 24.0
mozilla thunderbird 24.4
mozilla firefox 24.1.0
mozilla firefox_esr 24.6
mozilla thunderbird 24.3
mozilla firefox 24.1.1
mozilla firefox_esr 24.5
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr 24.4
mozilla thunderbird 24.5
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla firefox 24.0.2
mozilla firefox_esr 24.3
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla firefox_esr 24.0.2
mozilla thunderbird 24.2
CVE-2014-1557 HIGH

The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
debian debian_linux 6.0
mozilla thunderbird 24.4
mozilla thunderbird 24.3
mozilla firefox_esr 24.5
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr 24.4
mozilla thunderbird 24.5
mozilla firefox 24.0.2
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla thunderbird 24.2
mozilla thunderbird 24.0.1
mozilla firefox 24.0
mozilla firefox 24.1.0
mozilla firefox_esr 24.6
mozilla firefox 24.1.1
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla firefox_esr 24.3
oracle solaris 11.3
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla firefox_esr 24.0.2
CVE-2014-1558 MEDIUM

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 24.6
mozilla firefox *
mozilla thunderbird 24.0.1
mozilla thunderbird *
mozilla thunderbird 24.4
mozilla thunderbird 24.5
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.0
mozilla thunderbird 24.3
mozilla thunderbird 24.2
CVE-2014-1559 MEDIUM

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 24.6
mozilla firefox *
mozilla thunderbird 24.0.1
mozilla thunderbird *
mozilla thunderbird 24.4
mozilla thunderbird 24.5
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.0
mozilla thunderbird 24.3
mozilla thunderbird 24.2
CVE-2014-1560 MEDIUM

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 24.6
mozilla firefox *
mozilla thunderbird 24.0.1
mozilla thunderbird *
mozilla thunderbird 24.4
mozilla thunderbird 24.5
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.0
mozilla thunderbird 24.3
mozilla thunderbird 24.2
CVE-2014-1561 MEDIUM

Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
oracle solaris 11.3
CVE-2014-1562 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird 24.4
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla thunderbird 24.3
mozilla firefox_esr 24.5
mozilla firefox *
mozilla firefox_esr 24.4
mozilla thunderbird 24.5
mozilla firefox 24.0.2
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla thunderbird 24.2
mozilla thunderbird 24.6
mozilla thunderbird 24.0.1
mozilla firefox 24.0
mozilla firefox 24.1.0
mozilla firefox_esr 24.6
mozilla firefox 24.1.1
mozilla thunderbird 24.7
mozilla firefox_esr 24.7
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla firefox_esr 24.3
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla firefox_esr 24.0.2
mozilla firefox 31.0
CVE-2014-1563 HIGH

Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
oracle solaris 11.3
mozilla thunderbird 31.0
mozilla firefox 30.0
opensuse opensuse 13.1
opensuse evergreen 11.4
opensuse opensuse 12.3
mozilla firefox 31.0
CVE-2014-1564 MEDIUM

Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-824,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 31.0
mozilla firefox 30.0
opensuse opensuse 13.1
opensuse evergreen 11.4
opensuse opensuse 12.3
mozilla firefox 31.0
CVE-2014-1565 MEDIUM

The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 31.0
CVE-2014-1566 MEDIUM

Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1515.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 30.0
CVE-2014-1567 HIGH

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird 24.4
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla thunderbird 24.3
mozilla firefox_esr 24.5
mozilla firefox *
mozilla firefox_esr 24.4
mozilla thunderbird 24.5
mozilla firefox 24.0.2
mozilla firefox 24.0.1
mozilla thunderbird 24.0
mozilla thunderbird 24.2
mozilla thunderbird 24.6
mozilla thunderbird 24.0.1
mozilla firefox 24.0
mozilla firefox 24.1.0
mozilla firefox_esr 24.6
mozilla firefox 24.1.1
mozilla thunderbird 24.7
mozilla firefox_esr 24.7
mozilla firefox_esr 24.0.1
mozilla firefox_esr 24.2
mozilla firefox_esr 24.3
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla firefox_esr 24.0.2
mozilla firefox 31.0
CVE-2014-1568 HIGH

Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla network_security_services 3.12.2
mozilla network_security_services 3.15.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla network_security_services 3.12
mozilla network_security_services 3.12.9
mozilla thunderbird 31.0
mozilla seamonkey 1.5.0.8
mozilla network_security_services 3.12.7
mozilla network_security_services 3.7
mozilla network_security_services 3.16.4
mozilla firefox 32.0.1
mozilla network_security_services 3.9
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.15.1
mozilla seamonkey 1.5.0.10
mozilla seamonkey 2.11
mozilla seamonkey 1.1.2
mozilla seamonkey 2.13.2
mozilla network_security_services 3.7.5
mozilla network_security_services 3.14.4
mozilla seamonkey 2.2
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla network_security_services 3.15.2
mozilla seamonkey 2.16.2
mozilla network_security_services 3.14.1
mozilla seamonkey 2.12.1
mozilla seamonkey 2.21
mozilla seamonkey 1.1.19
mozilla network_security_services 3.7.7
mozilla network_security_services 3.7.1
mozilla network_security_services 3.11.3
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
google chrome 37.0.2062.100
mozilla thunderbird *
mozilla seamonkey 1.0.9
mozilla network_security_services 3.6.1
mozilla network_security_services 3.12.3
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla network_security_services 3.7.3
google chrome 37.0.2062.0
mozilla network_security_services 3.14.5
mozilla seamonkey 1.1.3
google chrome *
mozilla seamonkey 2.13
mozilla network_security_services 3.15.4
mozilla network_security_services 3.12.3.2
mozilla thunderbird 31.1.1
mozilla network_security_services 3.12.1
mozilla network_security_services 3.15.5
google chrome 37.0.2062.20
mozilla network_security_services 3.12.4
mozilla network_security_services 3.11.4
mozilla seamonkey 2.16.1
mozilla thunderbird 31.1.0
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla seamonkey 2.22
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla seamonkey 1.0.1
mozilla network_security_services 3.3.1
mozilla firefox 31.1.0
mozilla seamonkey 1.1.9
mozilla network_security_services 3.16.3
mozilla network_security_services 3.4.2
mozilla seamonkey 2.0.1
mozilla seamonkey 2.24
mozilla network_security_services 3.2
mozilla network_security_services 3.11.5
mozilla seamonkey 2.13.1
mozilla network_security_services *
mozilla seamonkey 1.0.8
mozilla network_security_services 3.11.2
mozilla seamonkey 2.17.1
mozilla network_security_services 3.12.11
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 2.12
mozilla seamonkey 1.0.3
mozilla network_security_services 3.14.2
mozilla firefox_esr 24.8.0
mozilla network_security_services 3.12.3.1
mozilla network_security_services 3.12.6
mozilla seamonkey 1.0.2
mozilla network_security_services 3.16.1
mozilla network_security_services 3.14.3
mozilla seamonkey 2.18
mozilla seamonkey 2.14
mozilla seamonkey 1.0.6
mozilla network_security_services 3.2.1
mozilla seamonkey 1.5.0.9
mozilla network_security_services 3.14
mozilla seamonkey 1.0.4
mozilla network_security_services 3.3.2
mozilla seamonkey 2.10.1
mozilla seamonkey 2.0.9
mozilla network_security_services 3.15.3
google chrome 37.0.2062.3
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla network_security_services 3.8
mozilla seamonkey 1.1.12
mozilla seamonkey 2.17
mozilla seamonkey 1.1.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla network_security_services 3.5
mozilla network_security_services 3.15
mozilla network_security_services 3.7.2
mozilla seamonkey 1.1.1
mozilla firefox *
mozilla network_security_services 3.12.10
mozilla seamonkey 1.1.14
mozilla network_security_services 3.4
mozilla network_security_services 3.6
mozilla seamonkey 2.26
mozilla firefox 32.0.2
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla seamonkey 2.23
mozilla seamonkey 2.0.4
mozilla network_security_services 3.16
mozilla network_security_services 3.3
mozilla network_security_services 3.4.1
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.13
mozilla network_security_services 3.15.3.1
mozilla seamonkey 2.25
mozilla network_security_services 3.12.5
google chrome 37.0.2062.102
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.1
mozilla seamonkey 2.20
mozilla network_security_services 3.12.8
mozilla seamonkey 2.22.1
mozilla seamonkey 2.0.10
mozilla seamonkey 1.1.8
mozilla firefox 31.0
CVE-2014-1569 HIGH

The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla network_security_services 3.17.2
mozilla network_security_services 3.16.2.0
mozilla network_security_services 3.16.2.1
mozilla network_security_services 3.17.1
mozilla network_security_services 3.17.0
mozilla network_security_services *
mozilla network_security_services 3.16.2.2
CVE-2014-1571 MEDIUM

Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 allows remote authenticated users to obtain sensitive private-comment information by leveraging a role as a flag recipient, related to Bug.pm, Flag.pm, and a mail template.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 4.4.2
mozilla bugzilla 3.3
mozilla bugzilla 4.3.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.6.10
mozilla bugzilla 4.4.4
mozilla bugzilla 3.1.3
mozilla bugzilla 4.0.14
mozilla bugzilla 2.14.5
mozilla bugzilla 4.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
fedoraproject fedora 20
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 4.2.1
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 4.4.5
mozilla bugzilla 2.21.1
mozilla bugzilla 4.5.4
mozilla bugzilla 2.16.9
mozilla bugzilla 3.6.9
mozilla bugzilla 4.3.1
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 4.2.8
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 4.4.1
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.2.10
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 4.2.6
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 4.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.0.13
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 4.5.1
mozilla bugzilla 4.5.2
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
fedoraproject fedora 19
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 4.0.12
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 4.5.5
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.11
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 3.3.2
mozilla bugzilla 4.2.3
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 4.5.3
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 4.2.7
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 4.2.5
fedoraproject fedora 21
mozilla bugzilla 2.22.3
mozilla bugzilla 4.2.9
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 3.0_rc1
mozilla bugzilla 4.4.3
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 4.3.3
mozilla bugzilla 4.2.2
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
mozilla bugzilla 4.2.4
CVE-2014-1572 MEDIUM

The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not specify a scalar context for the realname parameter, which allows remote attackers to create accounts with unverified e-mail addresses by sending three realname values with realname=login_name as the second, as demonstrated by selecting an e-mail address with a domain name for which group privileges are automatically granted.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 4.4.2
mozilla bugzilla 3.3
mozilla bugzilla 4.3.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.6.10
mozilla bugzilla 4.4.4
mozilla bugzilla 3.1.3
mozilla bugzilla 4.0.14
mozilla bugzilla 2.14.5
mozilla bugzilla 4.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
fedoraproject fedora 20
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 4.2.1
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 4.4.5
mozilla bugzilla 2.21.1
mozilla bugzilla 4.5.4
mozilla bugzilla 2.16.9
mozilla bugzilla 3.6.9
mozilla bugzilla 4.3.1
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 4.2.8
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 4.4.1
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.2.10
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 4.2.6
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 4.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.0.13
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 4.5.1
mozilla bugzilla 4.5.2
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
fedoraproject fedora 19
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 4.0.12
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 4.5.5
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.11
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 3.3.2
mozilla bugzilla 4.2.3
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 4.5.3
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 4.2.7
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 4.2.5
fedoraproject fedora 21
mozilla bugzilla 2.22.3
mozilla bugzilla 4.2.9
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 3.0_rc1
mozilla bugzilla 4.4.3
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 4.3.3
mozilla bugzilla 4.2.2
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
mozilla bugzilla 4.2.4
CVE-2014-1573 MEDIUM

Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote attackers to conduct cross-site scripting (XSS) attacks by sending three values for a single parameter name.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 4.4.2
mozilla bugzilla 3.3
mozilla bugzilla 4.3.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.6.10
mozilla bugzilla 4.4.4
mozilla bugzilla 3.1.3
mozilla bugzilla 4.0.14
mozilla bugzilla 2.14.5
mozilla bugzilla 4.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
fedoraproject fedora 20
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 4.2.1
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 4.4.5
mozilla bugzilla 2.21.1
mozilla bugzilla 4.5.4
mozilla bugzilla 2.16.9
mozilla bugzilla 3.6.9
mozilla bugzilla 4.3.1
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 4.2.8
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 4.4.1
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.2.10
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 4.2.6
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 4.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.0.13
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 2.23.1
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 4.5.1
mozilla bugzilla 4.5.2
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
fedoraproject fedora 19
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 4.0.12
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 2.21.2
mozilla bugzilla 4.5.5
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.11
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.18.8
mozilla bugzilla 2.23
mozilla bugzilla 3.3.2
mozilla bugzilla 4.2.3
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 3.7.1
mozilla bugzilla 4.5.3
mozilla bugzilla 2.18.6+
mozilla bugzilla 3.1.2
mozilla bugzilla 3.2
mozilla bugzilla 4.2.7
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.16_rc2
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 4.2.5
fedoraproject fedora 21
mozilla bugzilla 2.22.3
mozilla bugzilla 4.2.9
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 3.0_rc1
mozilla bugzilla 4.4.3
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 4.3.3
mozilla bugzilla 4.2.2
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
mozilla bugzilla 4.2.4
CVE-2014-1574 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 31.1.0
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1575 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage collection in the GCRuntime::triggerGC function in js/src/jsgc.cpp, and unknown other vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1576 HIGH

Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 31.1.0
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1577 MEDIUM

The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 31.1.0
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1578 HIGH

The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 31.1.0
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1580 MEDIUM

Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1581 HIGH

Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 31.1.0
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1582 MEDIUM

The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle attackers to bypass an intended pinning configuration and spoof a web site by providing a valid certificate from an arbitrary recognized Certification Authority.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1583 MEDIUM

The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1584 MEDIUM

The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote attackers to bypass an intended pinning configuration and spoof a web site via a crafted certificate that leads to presentation of the Untrusted Connection dialog to the user.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1585 MEDIUM

The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 31.1.0
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1586 MEDIUM

content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird 31.1.0
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-1587 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2014-1588 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2014-1589 MEDIUM

Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2014-1590 MEDIUM

The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2014-1591 MEDIUM

Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-199,

Products Affected

Vendor Product Version
mozilla seamonkey *
mozilla firefox 33.0
CVE-2014-1592 MEDIUM

Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2014-1593 MEDIUM

Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2014-1594 MEDIUM

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2014-1595 LOW

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp files, as demonstrated by credential information.

CVSS 2.0

Severity: LOW

Problem Type: CWE-199,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr 31.2
mozilla thunderbird *
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-2018 MEDIUM

Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in a (1) OBJECT or (2) EMBED element, a related issue to CVE-2013-6674.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla seamonkey 2.19
mozilla thunderbird_esr 17.0.10
mozilla seamonkey 2.0.1
mozilla seamonkey 2.0.3
mozilla seamonkey 2.0.5
mozilla seamonkey 2.13.1
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.0.8
mozilla thunderbird 17.0.4
mozilla seamonkey 2.17.1
mozilla seamonkey *
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.18
mozilla seamonkey 2.12
mozilla thunderbird 17.0.8
mozilla seamonkey 1.0.3
mozilla thunderbird 17.0.2
mozilla seamonkey 1.0.2
mozilla thunderbird 17.0.6
mozilla thunderbird_esr 17.0.8
mozilla seamonkey 2.18
mozilla seamonkey 2.0.11
mozilla seamonkey 1.1.16
mozilla seamonkey 2.14
mozilla seamonkey 1.0.6
mozilla seamonkey 2.15.1
mozilla seamonkey 1.5.0.9
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.4
mozilla seamonkey 2.10.1
mozilla seamonkey 2.11
mozilla seamonkey 1.1.2
mozilla seamonkey 2.13.2
mozilla thunderbird 17.0.5
mozilla seamonkey 2.0.9
mozilla seamonkey 1.0
mozilla seamonkey 2.0
mozilla seamonkey 1.0.5
mozilla thunderbird_esr 17.0
mozilla thunderbird_esr 17.0.3
mozilla seamonkey 1.1.12
mozilla seamonkey 2.0.8
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla thunderbird_esr 17.0.4
mozilla seamonkey 2.16.2
mozilla seamonkey 2.12.1
mozilla seamonkey 1.1.19
mozilla seamonkey 2.17
mozilla seamonkey 1.1.17
mozilla seamonkey 2.15
mozilla seamonkey 2.16
mozilla seamonkey 2.0.6
mozilla seamonkey 1.1.11
mozilla thunderbird 17.0
mozilla seamonkey 1.1.1
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.7
mozilla seamonkey 2.0.12
mozilla seamonkey 2.10
mozilla seamonkey 2.15.2
mozilla thunderbird_esr 17.0.6
mozilla seamonkey 2.0.4
mozilla seamonkey 1.0.7
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.13
mozilla seamonkey 2.13
mozilla thunderbird 17.0.1
mozilla thunderbird_esr 17.0.1
mozilla seamonkey 2.0.13
mozilla seamonkey 2.0.14
mozilla seamonkey 2.16.1
mozilla seamonkey 2.1
mozilla seamonkey 2.0.2
mozilla seamonkey 2.0.7
mozilla seamonkey 1.1.10
mozilla thunderbird 17.0.3
mozilla thunderbird 17.0.7
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.5
mozilla thunderbird_esr 17.0.7
mozilla seamonkey 2.0.10
mozilla thunderbird_esr 17.0.2
mozilla thunderbird_esr 17.0.5
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.8
mozilla seamonkey 1.1.9
CVE-2014-6492 HIGH

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jdk 1.8.0
oracle jre 1.6.0
oracle jre 1.7.0
oracle jdk 1.6.0
oracle jre 1.8.0
mozilla firefox -
CVE-2014-8630 MEDIUM

Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by shell metacharacters in a product name.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,

Products Affected

Vendor Product Version
mozilla bugzilla 4.2.10
mozilla bugzilla 4.4.2
mozilla bugzilla 4.2.6
mozilla bugzilla 4.3
mozilla bugzilla 4.3.2
mozilla bugzilla 4.2.5
mozilla bugzilla 4.4.4
fedoraproject fedora 21
mozilla bugzilla 4.2.9
mozilla bugzilla 4.1
mozilla bugzilla 4.2.11
mozilla bugzilla 4.1.3
mozilla bugzilla 4.5
fedoraproject fedora 20
mozilla bugzilla 4.2.1
mozilla bugzilla 4.4.3
mozilla bugzilla 4.4.6
mozilla bugzilla 4.1.1
mozilla bugzilla 4.2.3
mozilla bugzilla 4.2
mozilla bugzilla 4.4.5
mozilla bugzilla 4.3.3
mozilla bugzilla 4.5.1
mozilla bugzilla 4.2.2
mozilla bugzilla *
mozilla bugzilla 4.5.2
mozilla bugzilla 4.5.4
mozilla bugzilla 4.3.1
mozilla bugzilla 4.5.6
mozilla bugzilla 4.2.8
mozilla bugzilla 4.5.3
mozilla bugzilla 4.1.2
mozilla bugzilla 4.4.1
mozilla bugzilla 4.2.4
mozilla bugzilla 4.2.7
mozilla bugzilla 4.4
mozilla bugzilla 4.5.5
CVE-2014-8631 MEDIUM

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2014-8632 MEDIUM

The structured-clone implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 does not properly interact with XrayWrapper property filtering, which allows remote attackers to bypass intended DOM object restrictions by leveraging property availability after XrayWrapper removal.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2014-8634 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 31.3.0
mozilla firefox *
mozilla firefox_esr 31.2
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-8635 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2014-8636 HIGH

The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2014-8637 MEDIUM

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
CVE-2014-8638 MEDIUM

The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla firefox 31.3.0
mozilla firefox *
mozilla firefox_esr 31.2
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-8639 MEDIUM

Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 31.3.0
mozilla firefox *
mozilla firefox_esr 31.2
mozilla seamonkey *
mozilla thunderbird *
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-8640 MEDIUM

The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2014-8641 HIGH

Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 31.3.0
mozilla firefox *
mozilla firefox_esr 31.2
mozilla seamonkey *
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2014-8642 MEDIUM

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla seamonkey *
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2014-8643 HIGH

Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin's process.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2015-0797 MEDIUM

GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_eus 6.6
redhat enterprise_linux_eus 7.1
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
debian debian_linux 7.0
redhat enterprise_linux_server_aus 7.7
mozilla firefox *
redhat enterprise_linux_server_aus 6.6
redhat enterprise_linux_desktop 5.0
mozilla seamonkey *
mozilla thunderbird *
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_tus 6.6
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_server_aus 7.4
gstreamer_project gstreamer *
redhat enterprise_linux_eus 7.2
debian debian_linux 8.0
redhat enterprise_linux_eus 7.6
CVE-2015-0798 MEDIUM

The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release, does not properly handle privileged URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
oracle solaris 11.3
CVE-2015-0799 MEDIUM

The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.10
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-0800 MEDIUM

The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fennec) before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2012-2808.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-0801 HIGH

Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox_esr *
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.5.2
mozilla firefox 31.0
CVE-2015-0802 MEDIUM

Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.10
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-0803 HIGH

The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.10
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-0804 HIGH

The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document containing a SOURCE element.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.10
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-0805 HIGH

The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors that trigger rendering of 2D graphics content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.10
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-0806 HIGH

The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.10
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-0807 MEDIUM

The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox 31.5.3
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.5.2
mozilla firefox 31.0
CVE-2015-0808 MEDIUM

The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which might allow remote attackers to cause a denial of service (memory corruption) via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.10
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-0810 MEDIUM

Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with an IMG element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-0811 MEDIUM

The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.10
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-0812 MEDIUM

Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
mozilla firefox 36.0.4
canonical ubuntu_linux 14.10
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-0813 MEDIUM

Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2015-0814 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 36.0.4
CVE-2015-0815 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2015-0816 MEDIUM

Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2015-0817 MEDIUM

The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla seamonkey *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-0818 HIGH

Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla seamonkey *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.5.2
mozilla firefox 31.0
CVE-2015-0819 MEDIUM

The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0820 LOW

Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0821 MEDIUM

Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0822 MEDIUM

The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox_esr 31.5
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox_esr 31.1
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox_esr 31.3
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 31.1.1
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla thunderbird 31.3
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox_esr 31.2
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox_esr 31.4
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla thunderbird 31.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla thunderbird 31.1.2
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0823 HIGH

Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the ots::ots_gasp_parse function.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
opentype_sanitiser_project opentype_sanitiser *
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0824 MEDIUM

The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo library for image drawing.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0825 MEDIUM

Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox before 36.0 allows remote attackers to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during playback.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0826 MEDIUM

The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0827 MEDIUM

Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox_esr 31.5
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox_esr 31.1
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox_esr 31.3
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 31.1.1
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla thunderbird 31.3
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox_esr 31.2
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox_esr 31.4
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla thunderbird 31.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla thunderbird 31.1.2
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0828 MEDIUM

Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
oracle solaris 11.3
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0829 MEDIUM

Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
oracle solaris 11.3
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0830 MEDIUM

The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copying an unspecified string to a shader's compilation log, which allows remote attackers to cause a denial of service (application crash) via crafted WebGL content.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0831 MEDIUM

Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox_esr 31.5
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox_esr 31.1
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
redhat enterprise_linux 6.0
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox_esr 31.3
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
redhat enterprise_linux 5
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 31.1.1
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla thunderbird 31.3
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox_esr 31.2
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox_esr 31.4
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla thunderbird 31.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla thunderbird 31.1.2
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0832 MEDIUM

Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle attackers to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and leveraging access to an X.509 certificate for a domain with this character.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0833 MEDIUM

Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) the current working directory or (2) a temporary directory, as demonstrated by bcrypt.dll.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox_esr 31.5
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox_esr 31.1
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox_esr 31.3
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 31.1.1
mozilla firefox 14.0
mozilla firefox 3.0.18
opensuse evergreen 11.4
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla thunderbird 31.3
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox_esr 31.2
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox_esr 31.4
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla thunderbird 31.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla thunderbird 31.1.2
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0834 MEDIUM

The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time window.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
opensuse opensuse 13.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
canonical ubuntu_linux 12.04
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
opensuse opensuse 13.2
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
canonical ubuntu_linux 14.10
mozilla firefox 3.0.4
canonical ubuntu_linux 14.04
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0835 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-0836 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 0.8
mozilla firefox 3.6.10
mozilla firefox 20.0
mozilla firefox 3.5.7
mozilla firefox 3.6.23
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.17
mozilla firefox 6.0
mozilla firefox 3.5.16
mozilla firefox 3.6.27
mozilla firefox 1.0.3
mozilla firefox 3.5.18
mozilla firefox 1.4.1
mozilla firefox_esr 31.5
mozilla firefox 0.1
mozilla firefox 19.0.2
mozilla firefox 32.0
mozilla firefox 3.5.1
mozilla firefox 11.0
mozilla firefox 3.0.15
mozilla firefox 17.0.4
mozilla firefox 1.0
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.8
mozilla firefox 1.5.1
mozilla firefox 2.0.0.15
mozilla firefox 27.0.1
mozilla firefox 7.0.1
mozilla firefox 25.0.1
mozilla firefox 18.0.1
mozilla firefox 1.0.5
mozilla firefox 2.0.0.13
mozilla firefox 29.0.1
mozilla firefox 0.5
mozilla firefox 2.0.0.11
mozilla firefox 17.0.6
mozilla firefox 2.0.0.16
mozilla firefox 16.0.2
mozilla firefox 2.0.0.9
mozilla thunderbird *
mozilla firefox 3.5.15
mozilla firefox 27.0
mozilla firefox 1.5.0.12
mozilla firefox 0.7.1
mozilla firefox 3.0.10
mozilla firefox 3.5.19
mozilla firefox 0.10
mozilla firefox 16.0
mozilla firefox 3.6.24
mozilla firefox 10.0.3
mozilla firefox 1.5.5
mozilla firefox 0.6
mozilla firefox 29.0
mozilla firefox 0.7
mozilla firefox_esr 31.1
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.10
mozilla firefox 17.0.3
mozilla firefox 8.0
mozilla firefox 12.0
mozilla firefox 1.5.0.6
mozilla firefox 3.6.16
mozilla firefox 1.5.0.3
mozilla firefox 9.0.1
mozilla firefox 17.0.1
mozilla firefox 3.6.20
mozilla firefox 17.0.2
mozilla firefox 2.0.0.5
mozilla firefox_esr 31.3
mozilla firefox 2.0.0.3
mozilla firefox 8.0.1
mozilla firefox 23.0.1
mozilla firefox 3.5.6
mozilla firefox 20.0.1
mozilla firefox 1.0.8
mozilla firefox 3.0.11
mozilla firefox 9.0
mozilla firefox 3.5.12
mozilla firefox 22.0
mozilla firefox 10.0.1
mozilla firefox 10.0.10
mozilla firefox 2.0.0.12
mozilla firefox 18.0.2
mozilla firefox 3.5.10
mozilla firefox 1.5.0.9
mozilla firefox 3.6.19
mozilla firefox 24.1.1
mozilla firefox 0.3
mozilla firefox 23.0
mozilla firefox 3.6.15
mozilla firefox 19.0
mozilla firefox 1.8
mozilla firefox 4.0.1
mozilla firefox 0.2
mozilla firefox 2.0.0.14
mozilla firefox 3.5.5
mozilla firefox 17.0.5
mozilla firefox 2.0.0.20
mozilla firefox 10.0.8
mozilla firefox 3.5.9
mozilla firefox 28.0
mozilla firefox 1.5.0.2
mozilla firefox 2.0.0.19
mozilla firefox 3.6.26
mozilla firefox 3.5.2
mozilla firefox *
mozilla firefox 0.6.1
mozilla firefox 3.6.25
mozilla firefox 17.0.11
mozilla firefox 10.0.7
mozilla firefox 0.9.1
mozilla firefox 3.6.14
mozilla firefox 3.0.7
mozilla firefox 3.0.16
mozilla firefox 19.0.1
mozilla firefox 1.5.0.1
mozilla firefox 2.0.0.2
mozilla firefox 3.6.9
mozilla firefox 3.6.4
mozilla firefox 25.0
mozilla firefox 3.5.8
mozilla firefox 3.0.8
mozilla thunderbird 31.0
mozilla firefox 30.0
mozilla firefox 3.5.14
mozilla firefox 10.0.2
mozilla firefox 3.5.17
mozilla firefox 3.0.6
mozilla firefox 7.0
mozilla firefox 31.1.1
mozilla firefox 14.0
mozilla firefox 3.0.18
mozilla firefox 1.5.0.11
mozilla firefox 3.0.1
mozilla firefox 1.5.0.5
mozilla firefox 3.6.22
mozilla firefox 17.0.10
mozilla firefox 33.0
mozilla firefox 5.0.1
mozilla firefox 3.6.17
mozilla firefox 10.0.9
mozilla firefox 10.0.12
mozilla firefox 3.6.13
mozilla firefox 21.0
mozilla firefox 3.5.13
mozilla firefox 1.5.4
mozilla firefox 3.0.3
mozilla firefox 3.5.11
mozilla firefox 34.0.5
mozilla firefox 1.0.7
mozilla firefox 17.0
mozilla firefox 5.0
mozilla firefox 1.5
mozilla firefox 1.5.8
mozilla firefox 10.0.11
mozilla firefox 3.0.14
mozilla firefox 4.0
mozilla firefox 0.10.1
mozilla firefox 24.1
mozilla firefox 1.5.2
mozilla firefox 3.6.6
mozilla firefox 3.6.28
mozilla firefox 24.0
mozilla firefox 3.0.19
mozilla firefox 2.0.0.10
mozilla firefox 3.6.8
mozilla firefox 3.6.11
mozilla firefox 3.6.3
mozilla firefox 0.9.3
mozilla firefox 3.0.2
mozilla firefox 3.0
mozilla firefox 2.0.0.18
mozilla thunderbird 31.3
mozilla firefox 3.6.12
mozilla firefox 31.1.0
mozilla firefox_esr 31.2
mozilla firefox 10.0
mozilla firefox 1.0.2
mozilla firefox 1.5.6
mozilla firefox 3.6.18
mozilla firefox 15.0.1
mozilla firefox 3.6.2
mozilla firefox 1.0.4
mozilla firefox 1.5.0.8
mozilla firefox 3.6.7
mozilla firefox 3.0.17
mozilla firefox 13.0.1
mozilla firefox 3.0.9
mozilla firefox 13.0
mozilla firefox 3.0.12
mozilla firefox 3.6
mozilla firefox 2.0.0.7
mozilla firefox 3.5
mozilla firefox 1.0.1
mozilla firefox 3.6.21
mozilla firefox 3.0.4
mozilla firefox 1.5.0.7
mozilla firefox 17.0.7
mozilla firefox 3.5.3
mozilla firefox 2.0
mozilla firefox 1.0.6
mozilla firefox 10.0.6
mozilla firefox 1.5.3
mozilla firefox_esr 31.4
mozilla firefox 3.5.4
mozilla firefox 17.0.9
mozilla firefox 3.0.5
mozilla firefox 0.9.2
mozilla thunderbird 31.2
mozilla firefox 17.0.8
mozilla firefox 15.0
mozilla firefox 18.0
mozilla firefox 10.0.5
mozilla firefox 16.0.1
mozilla firefox 0.9
mozilla firefox 6.0.1
mozilla firefox 0.4
mozilla firefox 14.0.1
mozilla firefox 2.0.0.1
mozilla firefox 10.0.4
mozilla firefox 26.0
mozilla thunderbird 31.1.2
mozilla firefox 1.5.7
mozilla firefox 6.0.2
mozilla firefox 3.0.13
mozilla firefox 31.0
CVE-2015-2706 MEDIUM

Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-2708 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.2
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2709 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_desktop 12.0
mozilla firefox *
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2015-2710 MEDIUM

Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.2
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2711 MEDIUM

Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a URL, as demonstrated by a private path component.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2015-2712 HIGH

The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger out-of-bounds read operations and possibly obtain sensitive information from process memory, via crafted JavaScript.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2015-2713 MEDIUM

Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.2
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2714 LOW

Mozilla Firefox before 38.0 on Android does not properly restrict writing URL data to the Android logging system, which allows attackers to obtain sensitive information via a crafted application that has a required permission for reading a log, as demonstrated by the READ_LOGS permission for the mixed-content violation log on Android 4.0 and earlier.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-2715 MEDIUM

Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2015-2716 HIGH

Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.2
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
oracle solaris 11.3
mozilla firefox_esr 31.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2717 MEDIUM

Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2015-2718 MEDIUM

The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2015-2720 MEDIUM

The update implementation in Mozilla Firefox before 38.0 on Windows does not ensure that the pathname for updater.exe corresponds to the application directory, which might allow local users to gain privileges via a Trojan horse file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-2721 MEDIUM

Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
mozilla network_security_services 3.19
canonical ubuntu_linux 15.04
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
debian debian_linux 7.0
novell suse_linux_enterprise_server 11
oracle vm_server 3.2
novell suse_linux_enterprise_server 12.0
oracle solaris 11.3
debian debian_linux 8.0
CVE-2015-2722 HIGH

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.5.2
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
oracle solaris 11.3
mozilla firefox_esr 31.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2724 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
debian debian_linux 7.0
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.5.2
canonical ubuntu_linux 15.04
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
oracle solaris 11.3
mozilla firefox_esr 31.1
debian debian_linux 8.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2725 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.5.2
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
oracle solaris 11.3
mozilla firefox_esr 31.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2726 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_desktop 12.0
novell suse_linux_enterprise_server 11
mozilla firefox *
novell suse_linux_enterprise_server 12.0
oracle solaris 11.3
novell suse_linux_enterprise_software_development_kit 12.0
CVE-2015-2727 MEDIUM

Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 38.0
CVE-2015-2728 HIGH

The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a "type confusion" issue.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 31.3
mozilla firefox_esr 31.6.0
mozilla firefox 31.3.0
novell suse_linux_enterprise_server 11
mozilla firefox *
novell suse_linux_enterprise_server 12.0
mozilla firefox 31.5.1
oracle solaris 11.3
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.5.2
mozilla firefox 31.0
CVE-2015-2729 MEDIUM

The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.2
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 31.3
mozilla firefox_esr 31.6.0
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
oracle solaris 11.3
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.5.2
mozilla firefox 31.0
CVE-2015-2730 MEDIUM

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
debian debian_linux 7.0
novell suse_linux_enterprise_desktop 12.0
novell suse_linux_enterprise_server 11
oracle vm_server 3.2
novell suse_linux_enterprise_server 12.0
oracle solaris 11.3
novell suse_linux_enterprise_software_development_kit 12.0
mozilla network_security_services *
debian debian_linux 8.0
CVE-2015-2731 HIGH

Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.2
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 31.3
mozilla firefox_esr 31.6.0
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
oracle solaris 11.3
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.5.2
mozilla firefox 31.0
CVE-2015-2733 HIGH

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_desktop 11
mozilla firefox_esr 31.6.0
mozilla firefox 31.3.0
mozilla firefox *
novell suse_linux_enterprise_server 12.0
mozilla firefox 31.5.1
oracle solaris 11.3
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.5.2
mozilla firefox 31.0
CVE-2015-2734 HIGH

The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
canonical ubuntu_linux 12.04
suse linux_enterprise_desktop 12
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
suse linux_enterprise_software_development_kit 12
mozilla firefox_esr 31.3
debian debian_linux 7.0
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
suse suse_linux_enterprise_server 12
mozilla firefox 31.1.1
suse linux_enterprise_server 11
mozilla firefox 31.5.2
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.7.0
canonical ubuntu_linux 15.04
mozilla firefox 31.5.3
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.1
debian debian_linux 8.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2735 HIGH

nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.5.2
canonical ubuntu_linux 15.04
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
oracle solaris 11.3
mozilla firefox_esr 31.1
debian debian_linux 8.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2736 HIGH

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
debian debian_linux 7.0
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.5.2
canonical ubuntu_linux 15.04
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
oracle solaris 11.3
mozilla firefox_esr 31.1
debian debian_linux 8.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2737 HIGH

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
canonical ubuntu_linux 12.04
suse linux_enterprise_desktop 12
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
suse linux_enterprise_software_development_kit 12
mozilla firefox_esr 31.3
debian debian_linux 7.0
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
suse suse_linux_enterprise_server 12
mozilla firefox 31.1.1
suse linux_enterprise_server 11
mozilla firefox 31.5.2
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.7.0
canonical ubuntu_linux 15.04
mozilla firefox 31.5.3
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.1
debian debian_linux 8.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2738 HIGH

The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
canonical ubuntu_linux 12.04
suse linux_enterprise_desktop 12
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
suse linux_enterprise_software_development_kit 12
mozilla firefox_esr 31.3
debian debian_linux 7.0
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
suse suse_linux_enterprise_server 12
mozilla firefox 31.1.1
suse linux_enterprise_server 11
mozilla firefox 31.5.2
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.7.0
canonical ubuntu_linux 15.04
mozilla firefox 31.5.3
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.1
debian debian_linux 8.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2739 HIGH

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
debian debian_linux 7.0
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.5.2
canonical ubuntu_linux 15.04
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
oracle solaris 11.3
mozilla firefox_esr 31.1
debian debian_linux 8.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2740 HIGH

Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
debian debian_linux 7.0
mozilla firefox 31.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.5.2
canonical ubuntu_linux 15.04
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
canonical ubuntu_linux 14.10
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
oracle solaris 11.3
mozilla firefox_esr 31.1
debian debian_linux 8.0
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2741 MEDIUM

Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to bypass intended access restrictions by triggering a (1) expired certificate or (2) mismatched hostname for a domain with pinning enabled.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.2
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 31.3
mozilla firefox_esr 31.6.0
mozilla firefox 31.3.0
mozilla firefox *
mozilla firefox 31.5.1
oracle solaris 11.3
mozilla firefox_esr 31.5
mozilla firefox_esr 31.1
mozilla firefox 31.1.1
mozilla firefox 31.1.0
mozilla firefox 31.5.2
mozilla firefox 31.0
CVE-2015-2742 MEDIUM

Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
oracle solaris 11.3
CVE-2015-2743 HIGH

PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.2
mozilla firefox_esr 31.4
mozilla firefox_esr 38.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.3
mozilla firefox 31.3.0
mozilla firefox *
mozilla firefox 31.5.1
mozilla firefox_esr 31.5
mozilla firefox 31.1.1
mozilla firefox 31.5.2
mozilla firefox_esr 31.1.0
mozilla firefox_esr 31.5.1
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.7.0
mozilla firefox_esr 31.5.2
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 31.6.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.0
mozilla firefox_esr 31.1.1
oracle solaris 11.3
mozilla firefox_esr 31.1
mozilla firefox 31.1.0
mozilla firefox 31.0
CVE-2015-2744 MEDIUM

Cross-site scripting (XSS) vulnerability in the Search app in Gaia in Mozilla Firefox OS before 2.2 allows remote attackers to inject arbitrary HTML via a crafted search link that is mishandled after re-opening the browser or opening the tab view.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox_os *
CVE-2015-2745 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the Search app in Gaia in Mozilla Firefox OS before 2.2 allow remote attackers to inject arbitrary HTML via the (1) name or (2) title field in card content associated with a search link that is mishandled after a HOME button press or a Show Windows action, as demonstrated by embedding an arbitrary application or spoofing the account-creation page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox_os *
CVE-2015-4000 MEDIUM

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
suse linux_enterprise_desktop 12
google chrome -
oracle jrockit r28.3.6
opera opera_browser -
oracle jre 1.8.0
suse linux_enterprise_software_development_kit 12
mozilla firefox_esr 38.1.0
debian debian_linux 7.0
mozilla thunderbird 38.1
oracle jdk 1.8.0
microsoft internet_explorer -
mozilla seamonkey 2.35
suse suse_linux_enterprise_server 12
apple mac_os_x *
mozilla firefox 38.1.0
mozilla firefox -
oracle sparc-opl_service_processor *
oracle jre 1.6.0
oracle jdk 1.6.0
hp hp-ux b.11.31
mozilla network_security_services 3.19
apple safari -
canonical ubuntu_linux 15.04
canonical ubuntu_linux 14.10
apple iphone_os *
ibm content_manager 8.5
canonical ubuntu_linux 14.04
openssl openssl *
suse linux_enterprise_server 11.0
mozilla firefox_esr 31.8
oracle jre 1.7.0
mozilla firefox 39.0
oracle jdk 1.7.0
debian debian_linux 8.0
mozilla thunderbird 31.8
mozilla firefox_os 2.2
CVE-2015-4473 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
mozilla firefox 38.0
debian debian_linux 7.0
mozilla firefox *
mozilla firefox 38.1.0
debian debian_linux 8.0
CVE-2015-4474 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-4475 HIGH

The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
canonical ubuntu_linux 14.04
mozilla firefox 38.0
CVE-2015-4476 MEDIUM

Mozilla Firefox before 41.0 on Android allows user-assisted remote attackers to spoof address-bar attributes by leveraging lack of navigation after a paste of a URL with a nonstandard scheme, as demonstrated by spoofing an SSL attribute.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4477 HIGH

Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-4478 MEDIUM

Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
canonical ubuntu_linux 14.04
mozilla firefox 38.0
CVE-2015-4479 HIGH

Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
canonical ubuntu_linux 14.04
mozilla firefox 38.0
CVE-2015-4480 HIGH

Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
canonical ubuntu_linux 14.04
mozilla firefox 38.0
CVE-2015-4481 LOW

Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.

CVSS 2.0

Severity: LOW

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
oracle solaris 11.3
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
mozilla firefox 38.0
CVE-2015-4482 MEDIUM

mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows local users to gain privileges or cause a denial of service (out-of-bounds write) via a crafted name of a Mozilla Archive (aka MAR) file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
oracle solaris 11.3
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
mozilla firefox 38.0
CVE-2015-4483 MEDIUM

Mozilla Firefox before 40.0 allows man-in-the-middle attackers to bypass a mixed-content protection mechanism via a feed: URL in a POST request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
oracle solaris 11.3
opensuse opensuse 13.1
opensuse opensuse 13.2
CVE-2015-4484 MEDIUM

The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
oracle solaris 11.3
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
canonical ubuntu_linux 14.04
mozilla firefox 38.0
CVE-2015-4485 HIGH

Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
oracle solaris 11.3
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
canonical ubuntu_linux 14.04
mozilla firefox 38.0
CVE-2015-4486 HIGH

The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
oracle solaris 11.3
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
canonical ubuntu_linux 14.04
mozilla firefox 38.0
CVE-2015-4487 HIGH

The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an "overflow."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_os *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox *
oracle solaris 11.3
mozilla firefox 38.1.0
CVE-2015-4488 HIGH

Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_os 2.1.0
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox *
oracle solaris 11.3
mozilla firefox 38.1.0
CVE-2015-4489 HIGH

The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_os *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox *
oracle solaris 11.3
mozilla firefox 38.1.0
CVE-2015-4490 MEDIUM

The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 does not implement the Content Security Policy Level 2 exceptions for the blob, data, and filesystem URL schemes during wildcard source-expression matching, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging unexpected policy-enforcement behavior.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
oracle solaris 11.3
canonical ubuntu_linux 15.04
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
CVE-2015-4492 HIGH

Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
oracle solaris 11.3
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
canonical ubuntu_linux 14.04
mozilla firefox 38.0
CVE-2015-4493 HIGH

Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
canonical ubuntu_linux 12.04
oracle solaris 11.3
canonical ubuntu_linux 15.04
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.1.0
canonical ubuntu_linux 14.04
mozilla firefox 38.0
CVE-2015-4494 MEDIUM

Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to obtain potentially sensitive information via a crafted app.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox_os *
CVE-2015-4495 MEDIUM

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,CWE-346,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
redhat enterprise_linux_eus 7.1
suse linux_enterprise_desktop 12
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr 38.0
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
suse linux_enterprise_software_development_kit 12
mozilla firefox_esr 38.1.0
redhat enterprise_linux_server_aus 7.7
mozilla firefox *
redhat enterprise_linux_desktop 5.0
suse linux_enterprise_debuginfo 11
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 11
suse linux_enterprise_server 11
redhat enterprise_linux_server_tus 7.3
mozilla firefox_esr 38.0.1
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_desktop 6.0
suse linux_enterprise_software_development_kit 11
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_os *
redhat enterprise_linux_eus 6.7
mozilla firefox_esr 38.0.5
canonical ubuntu_linux 15.04
novell suse_linux_enterprise_software_development_kit 12.0
opensuse opensuse 13.1
opensuse opensuse 13.2
suse linux_enterprise_server 12
canonical ubuntu_linux 14.04
redhat enterprise_linux_workstation 7.0
novell suse_linux_enterprise_server 12.0
oracle solaris 11.3
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_eus 7.2
redhat enterprise_linux_eus 7.6
CVE-2015-4496 HIGH

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox *
oracle solaris 11.3
CVE-2015-4497 HIGH

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 40.0.2
mozilla firefox 38.1.0
mozilla firefox 38.0
CVE-2015-4498 HIGH

The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.0
CVE-2015-4499 HIGH

Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x before 4.4.10, and 5.x before 5.0.1 mishandles long e-mail addresses during account registration, which allows remote attackers to obtain the default privileges for an arbitrary domain name by placing that name in a substring of an address, as demonstrated by truncation of an @mozilla.com.example.com address to an @mozilla.com address.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 4.4.2
mozilla bugzilla 3.3
mozilla bugzilla 4.3.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.6.10
mozilla bugzilla 4.4.4
mozilla bugzilla 3.1.3
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 3.7
mozilla bugzilla 2.17
mozilla bugzilla 4.2.1
mozilla bugzilla 4.1.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 4.4.5
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 3.6.9
mozilla bugzilla 4.3.1
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 4.2.8
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 4.0.8
mozilla bugzilla 4.4.1
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.0.3
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 4.2.6
mozilla bugzilla 4.0.16
mozilla bugzilla 2.14.4
mozilla bugzilla 3.5.3
mozilla bugzilla 3.0.3
mozilla bugzilla 4.3
mozilla bugzilla 3.5
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.0.13
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 4.2.12
mozilla bugzilla 2.23.1
mozilla bugzilla 4.4.6
mozilla bugzilla 2.23.3
mozilla bugzilla 2.12
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 3.0.8
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 2.17.6
mozilla bugzilla 4.0.12
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 4.0.6
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.11
mozilla bugzilla 4.4.9
mozilla bugzilla 4.0.9
mozilla bugzilla 4.1.3
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.23
mozilla bugzilla 4.0.2
mozilla bugzilla 3.3.2
mozilla bugzilla 4.2.3
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 3.5.2
mozilla bugzilla 5.0
mozilla bugzilla 4.0.5
mozilla bugzilla 4.2.14
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 3.1.2
mozilla bugzilla 4.4.7
mozilla bugzilla 3.2
mozilla bugzilla 4.0.7
mozilla bugzilla 4.2.7
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 4.2.13
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 4.2.5
mozilla bugzilla 2.22.3
mozilla bugzilla 4.2.9
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 4.2.11
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 3.1.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.4.4
mozilla bugzilla 4.4.3
mozilla bugzilla 4.4.8
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 2.20.4
mozilla bugzilla 4.3.3
mozilla bugzilla 4.2.2
mozilla bugzilla 3.2.3
mozilla bugzilla 3.3.4
mozilla bugzilla 2.14.3
mozilla bugzilla 2.17.5
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 4.2.4
CVE-2015-4500 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4501 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4502 MEDIUM

js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4503 MEDIUM

The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4504 MEDIUM

The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4505 MEDIUM

updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4506 MEDIUM

Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4507 MEDIUM

The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allows remote attackers to cause a denial of service (getSlotRef assertion failure and application exit) or possibly execute arbitrary code via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4508 LOW

Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site.

CVSS 2.0

Severity: LOW

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4509 HIGH

Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4510 MEDIUM

Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4511 MEDIUM

Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4512 MEDIUM

gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4513 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4514 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4515 MEDIUM

Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authentication, allows remote attackers to obtain sensitive hostname information by constructing a crafted web site that sends an NTLM request and reads the Workstation field of an NTLM type 3 message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4516 HIGH

Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4517 HIGH

NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4518 MEDIUM

The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-4519 MEDIUM

Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4520 MEDIUM

Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4521 HIGH

The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-4522 HIGH

The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-5960 LOW

Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code protection mechanism and access USB Mass Storage (UMS) media volumes by using the USB interface for a mount operation.

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox_os *
CVE-2015-5961 LOW

The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, which allows man-in-the-middle attackers to bypass intended access restrictions by spoofing that server.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox_os *
CVE-2015-5962 MEDIUM

Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in Mozilla Firefox OS before 2.2 might allow attackers to cause a denial of service (memory corruption) via a negative value of a size parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox_os *
CVE-2015-7174 HIGH

The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7175 HIGH

The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7176 HIGH

The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7177 HIGH

The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7178 HIGH

The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7179 HIGH

The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted (1) OpenGL or (2) WebGL content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7180 HIGH

The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7181 HIGH

The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a "use-after-poison" issue.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla network_security_services 3.20.0
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla network_security_services *
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7182 HIGH

Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle glassfish_server 2.1.1
mozilla network_security_services 3.20.0
oracle opensso 3.0-0.7
oracle iplanet_web_server 7.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.2.1
mozilla network_security_services *
mozilla firefox 38.0
mozilla firefox *
oracle traffic_director 11.1.1.7.0
mozilla firefox 38.2.0
mozilla firefox 38.3.0
oracle traffic_director 11.1.1.9.0
mozilla firefox 38.1.0
oracle iplanet_web_proxy_server 4.0
mozilla firefox 38.1.1
CVE-2015-7183 HIGH

Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,CWE-189,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla network_security_services 3.20.0
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla network_security_services *
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7184 MEDIUM

The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-7185 MEDIUM

Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-7186 MEDIUM

Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger (1) a download or (2) cached profile-data reading via a file: URL in a saved HTML document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-7187 MEDIUM

The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via inline JavaScript code that is executed within a third-party extension.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-7188 HIGH

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7189 MEDIUM

Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7190 MEDIUM

The Search feature in Mozilla Firefox before 42.0 on Android through 4.4 supports search-engine URL registration through an intent and can access this URL in a privileged context in conjunction with the crash reporter, which allows attackers to read log files and visit file: URLs of HTML documents via a crafted application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-7191 MEDIUM

Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka "Universal XSS (UXSS)."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-7192 HIGH

The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using an NSAccessibilityIndexAttribute value to reference a row index.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-7193 HIGH

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation, which allows remote attackers to bypass the Same Origin Policy by leveraging the lack of a preflight-request step.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7194 HIGH

Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7195 MEDIUM

The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive information via vectors involving a redirect.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-7196 MEDIUM

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7197 MEDIUM

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7198 HIGH

Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted texture data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7199 HIGH

The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7200 HIGH

The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.1.0
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox 38.1.1
CVE-2015-7201 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
fedoraproject fedora 22
opensuse leap 42.1
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
fedoraproject fedora 23
mozilla firefox 38.4.0
mozilla firefox 38.1.0
mozilla firefox 38.1.1
CVE-2015-7202 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7203 HIGH

Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font-family name.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7204 MEDIUM

Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 41.0
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 41.0.2
fedoraproject fedora 22
opensuse leap 42.1
mozilla firefox 41.0.1
CVE-2015-7205 HIGH

Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
fedoraproject fedora 22
opensuse leap 42.1
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
fedoraproject fedora 23
mozilla firefox 38.4.0
mozilla firefox 38.1.0
mozilla firefox 38.1.1
CVE-2015-7207 MEDIUM

Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls, a related issue to CVE-2015-1300.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7208 MEDIUM

Mozilla Firefox before 43.0 stores cookies containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7210 HIGH

Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
fedoraproject fedora 22
opensuse leap 42.1
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
fedoraproject fedora 23
mozilla firefox 38.4.0
mozilla firefox 38.1.0
mozilla firefox 38.1.1
CVE-2015-7211 MEDIUM

Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7212 HIGH

Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
fedoraproject fedora 22
opensuse leap 42.1
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
fedoraproject fedora 23
mozilla firefox 38.4.0
mozilla firefox 38.1.0
mozilla firefox 38.1.1
CVE-2015-7213 MEDIUM

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
fedoraproject fedora 22
opensuse leap 42.1
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
fedoraproject fedora 23
mozilla firefox 38.4.0
mozilla firefox 38.1.0
mozilla firefox 38.1.1
CVE-2015-7214 MEDIUM

Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
fedoraproject fedora 22
opensuse leap 42.1
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
fedoraproject fedora 23
mozilla firefox 38.4.0
mozilla firefox 38.1.0
mozilla firefox 38.1.1
CVE-2015-7215 MEDIUM

The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an exception, leading to information disclosure after a rethrow.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7216 MEDIUM

The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7217 MEDIUM

The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7218 MEDIUM

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7219 MEDIUM

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a malformed PushPromise frame that triggers decompressed-buffer length miscalculation and incorrect memory allocation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7220 HIGH

Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7221 HIGH

Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7222 MEDIUM

Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox 38.0.1
mozilla firefox 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
fedoraproject fedora 22
opensuse leap 42.1
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox 38.3.0
fedoraproject fedora 23
mozilla firefox 38.4.0
mozilla firefox 38.1.0
mozilla firefox 38.1.1
CVE-2015-7223 MEDIUM

The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
fedoraproject fedora 23
opensuse opensuse 13.1
opensuse opensuse 13.2
fedoraproject fedora 22
opensuse leap 42.1
CVE-2015-7327 MEDIUM

Mozilla Firefox before 41.0 does not properly restrict the availability of High Resolution Time API times, which allows remote attackers to track last-level cache access, and consequently obtain sensitive information, via crafted JavaScript code that makes performance.now calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2015-7575 MEDIUM

Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
canonical ubuntu_linux 15.10
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla network_security_services *
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
canonical ubuntu_linux 15.04
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
canonical ubuntu_linux 14.04
mozilla firefox 38.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2015-8508 LOW

Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2, when a local dot configuration is used, allows remote attackers to inject arbitrary web script or HTML via a crafted bug summary.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 3.4.2
mozilla bugzilla 4.2.15
mozilla bugzilla 2.2
mozilla bugzilla 4.4.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.6.10
mozilla bugzilla 4.4.4
mozilla bugzilla 4.0.14
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
mozilla bugzilla 3.4.14
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 4.2.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 4.4.5
mozilla bugzilla 2.16.9
mozilla bugzilla 3.6.9
mozilla bugzilla 3.4.10
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 4.2.8
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 3.2.4
mozilla bugzilla 4.0.8
mozilla bugzilla 4.4.1
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.0.3
mozilla bugzilla 4.2.10
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 3.0
mozilla bugzilla 4.2.6
mozilla bugzilla 4.0.16
mozilla bugzilla 2.14.4
mozilla bugzilla 3.0.3
mozilla bugzilla 4.0.13
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 4.2.12
mozilla bugzilla 4.4.6
mozilla bugzilla 2.12
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 4.0.15
mozilla bugzilla 3.0.8
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 4.0.12
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 4.0.6
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.11
mozilla bugzilla 4.4.9
mozilla bugzilla 4.0.9
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 4.0.2
mozilla bugzilla 4.2.3
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 5.0
mozilla bugzilla 4.0.17
mozilla bugzilla 4.0.5
mozilla bugzilla 4.2.14
mozilla bugzilla 4.0.4
mozilla bugzilla 4.4.7
mozilla bugzilla 3.2
mozilla bugzilla 4.0.7
mozilla bugzilla 4.2.7
mozilla bugzilla 3.2.10
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 4.2.13
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 4.2.5
mozilla bugzilla 2.22.3
mozilla bugzilla 4.2.9
mozilla bugzilla 4.0.18
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 4.2.11
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 5.0.1
mozilla bugzilla 4.4.3
mozilla bugzilla 4.4.8
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.20.4
mozilla bugzilla 4.2.2
mozilla bugzilla 3.2.3
mozilla bugzilla 2.14.3
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 4.4.10
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 4.2.4
CVE-2015-8509 MEDIUM

Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2 does not properly construct CSV files, which allows remote attackers to obtain sensitive information by leveraging a web browser that interprets CSV data as JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 3.4.2
mozilla bugzilla 4.2.15
mozilla bugzilla 2.2
mozilla bugzilla 4.4.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.4.5
mozilla bugzilla 3.6.10
mozilla bugzilla 4.4.4
mozilla bugzilla 4.0.14
mozilla bugzilla 2.14.5
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.6.8
mozilla bugzilla 3.4.14
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 4.2.1
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.14
mozilla bugzilla 2.22.4
mozilla bugzilla 4.4.5
mozilla bugzilla 2.16.9
mozilla bugzilla 3.6.9
mozilla bugzilla 3.4.10
mozilla bugzilla 2.16
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 4.2.8
mozilla bugzilla 3.6.3
mozilla bugzilla 3.2.8
mozilla bugzilla 3.2.4
mozilla bugzilla 4.0.8
mozilla bugzilla 4.4.1
mozilla bugzilla 3.0.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 2.18.2
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.14.1
mozilla bugzilla 4.0.3
mozilla bugzilla 4.2.10
mozilla bugzilla 3.0.10
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 3.0
mozilla bugzilla 4.2.6
mozilla bugzilla 4.0.16
mozilla bugzilla 2.14.4
mozilla bugzilla 3.0.3
mozilla bugzilla 4.0.13
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 3.4.11
mozilla bugzilla 3.4.13
mozilla bugzilla 4.2.12
mozilla bugzilla 4.4.6
mozilla bugzilla 2.12
mozilla bugzilla 2.18.6
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 4.0.15
mozilla bugzilla 3.0.8
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 4.0.12
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.20.6
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.2.7
mozilla bugzilla 2.0
mozilla bugzilla 2.20
mozilla bugzilla 2.16.11
mozilla bugzilla 2.20.3
mozilla bugzilla 3.4.7
mozilla bugzilla 4.0.6
mozilla bugzilla 2.22.6
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.11
mozilla bugzilla 4.4.9
mozilla bugzilla 4.0.9
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 4.0.2
mozilla bugzilla 4.2.3
mozilla bugzilla 2.16.5
mozilla bugzilla 3.4
mozilla bugzilla 5.0
mozilla bugzilla 4.0.17
mozilla bugzilla 4.0.5
mozilla bugzilla 4.2.14
mozilla bugzilla 4.0.4
mozilla bugzilla 4.4.7
mozilla bugzilla 3.2
mozilla bugzilla 4.0.7
mozilla bugzilla 4.2.7
mozilla bugzilla 3.2.10
mozilla bugzilla 2.22
mozilla bugzilla 3.4.8
mozilla bugzilla 2.10
mozilla bugzilla 4.2.13
mozilla bugzilla 2.20.5
mozilla bugzilla 2.22.2
mozilla bugzilla 3.4.6
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 4.2.5
mozilla bugzilla 2.22.3
mozilla bugzilla 4.2.9
mozilla bugzilla 4.0.18
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 4.2.11
mozilla bugzilla 2.14.2
mozilla bugzilla 2.4
mozilla bugzilla 5.0.1
mozilla bugzilla 4.4.3
mozilla bugzilla 4.4.8
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.1
mozilla bugzilla 2.20.4
mozilla bugzilla 4.2.2
mozilla bugzilla 3.2.3
mozilla bugzilla 2.14.3
mozilla bugzilla 2.22.7
mozilla bugzilla 3.2.6
mozilla bugzilla 4.4.10
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 4.2.4
CVE-2015-8510 MEDIUM

Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted web site that is mishandled during "Add to home screen" bookmarking.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox_os *
CVE-2015-8511 MEDIUM

Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox_os *
CVE-2015-8512 LOW

The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by entering many passcode guesses.

CVSS 2.0

Severity: LOW

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox_os *
CVE-2016-0718 HIGH

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
suse linux_enterprise_software_development_kit 11
mcafee policy_auditor *
canonical ubuntu_linux 12.04
suse linux_enterprise_desktop 12
python python *
opensuse opensuse 13.1
opensuse opensuse 13.2
suse linux_enterprise_server 12
canonical ubuntu_linux 14.04
suse linux_enterprise_software_development_kit 12
opensuse leap 42.1
canonical ubuntu_linux 16.04
mozilla firefox *
suse linux_enterprise_debuginfo 11
libexpat_project libexpat *
apple mac_os_x *
suse studio_onsite 1.3
suse linux_enterprise_server 11
debian debian_linux 8.0
CVE-2016-10196 MEDIUM

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
libevent_project libevent *
mozilla firefox 52.0
debian debian_linux 8.0
CVE-2016-10547 MEDIUM

Nunjucks is a full featured templating engine for JavaScript. Versions 2.4.2 and lower have a cross site scripting (XSS) vulnerability in autoescape mode. In autoescape mode, all template vars should automatically be escaped. By using an array for the keys, such as `name[]=<script>alert(1)</script>`, it is possible to bypass autoescaping and inject content into the DOM.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
mozilla nunjucks *
CVE-2016-1521 MEDIUM

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
fedoraproject fedora 22
debian debian_linux 7.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.5.2
fedoraproject fedora 23
mozilla firefox 38.4.0
debian debian_linux 8.0
mozilla firefox 38.5.1
CVE-2016-1522 HIGH

Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via a crafted Graphite smart font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
fedoraproject fedora 22
debian debian_linux 7.0
mozilla firefox_esr 38.3.0
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
sil graphite2 1.2.4
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.5.2
fedoraproject fedora 23
mozilla firefox 38.4.0
debian debian_linux 8.0
mozilla firefox 38.5.1
CVE-2016-1523 MEDIUM

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
fedoraproject fedora 22
debian debian_linux 7.0
mozilla firefox_esr 38.3.0
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
sil graphite2 1.2.4
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.5.2
fedoraproject fedora 23
mozilla firefox 38.4.0
debian debian_linux 8.0
mozilla firefox 38.5.1
CVE-2016-1526 MEDIUM

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,CWE-200,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
fedoraproject fedora 22
debian debian_linux 7.0
mozilla firefox_esr 38.3.0
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
sil graphite2 1.2.4
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.5.2
fedoraproject fedora 23
mozilla firefox 38.4.0
debian debian_linux 8.0
mozilla firefox 38.5.1
CVE-2016-1930 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox 38.5.0
mozilla firefox_esr 38.0
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.0
mozilla firefox_esr 38.1.0
opensuse leap 42.1
oracle linux 5.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.4.0
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
CVE-2016-1931 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data compression, and other vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-1933 MEDIUM

Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted GIF image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-1935 HIGH

Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox 38.5.0
mozilla firefox_esr 38.0
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.0
mozilla firefox_esr 38.1.0
opensuse leap 42.1
oracle linux 5.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.4.0
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
CVE-2016-1937 MEDIUM

The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-1938 MEDIUM

The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla nss *
opensuse leap 42.1
CVE-2016-1939 MEDIUM

Mozilla Firefox before 44.0 stores cookies with names containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7208.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-1940 MEDIUM

Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox *
google android *
CVE-2016-1941 MEDIUM

The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
apple mac_os_x *
CVE-2016-1942 MEDIUM

Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user's paste of a (1) wyciwyg: URI or (2) resource: URI.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-1943 MEDIUM

Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox 43.0.4
opensuse opensuse 13.1
opensuse opensuse 13.2
google android *
opensuse leap 42.1
CVE-2016-1944 HIGH

The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 43.0.4
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-1945 HIGH

The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox 43.0.4
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-1946 HIGH

The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a denial of service (integer overflow and buffer overflow) or possibly have unspecified other impact via crafted metadata.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,CWE-189,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-1947 MEDIUM

Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
mozilla firefox 43.0.3
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.04
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 43.0.1
canonical ubuntu_linux 14.04
opensuse leap 42.1
mozilla firefox 43.0
mozilla firefox 43.0.4
mozilla firefox 43.0.2
CVE-2016-1948 MEDIUM

Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
mozilla firefox 43.0.4
google android *
CVE-2016-1949 MEDIUM

Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a crossdomain.xml file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-1950 MEDIUM

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle glassfish_server 2.1.1
oracle linux 6
oracle linux 7
oracle iplanet_web_server 7.0
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla network_security_services 3.21
mozilla network_security_services 3.20
mozilla firefox_esr 38.1.0
mozilla firefox_esr 38.3.0
mozilla firefox *
oracle vm_server 3.2
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
apple mac_os_x *
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
oracle iplanet_web_proxy_server 4.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
apple tvos *
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla network_security_services 3.20.1
apple iphone_os *
opensuse opensuse 13.1
mozilla firefox 38.2.1
mozilla firefox 38.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla network_security_services 3.19.2
mozilla firefox 38.3.0
mozilla firefox 38.6.1
apple watchos *
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1951 HIGH

Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
mozilla netscape_portable_runtime *
CVE-2016-1952 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
oracle linux 5.0
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1953 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1954 MEDIUM

The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
oracle linux 5.0
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1955 MEDIUM

Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
novell suse_package_hub_for_suse_linux_enterprise 12
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-1956 HIGH

Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox *
novell suse_package_hub_for_suse_linux_enterprise 12
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-1957 MEDIUM

Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
oracle linux 5.0
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1958 MEDIUM

browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.2.1
mozilla firefox 38.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1959 MEDIUM

The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-1960 MEDIUM

Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1961 MEDIUM

Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1962 HIGH

Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.2.1
mozilla firefox 38.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1963 MEDIUM

The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-1964 MEDIUM

Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1965 MEDIUM

Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.2.1
mozilla firefox 38.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1966 MEDIUM

The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
mozilla firefox 38.2.1
mozilla firefox 38.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1967 MEDIUM

Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7207.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-1968 MEDIUM

Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-1969 MEDIUM

The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox_esr 38.1.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
mozilla firefox_esr 38.4.0
sil graphite2 *
mozilla firefox 38.3.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox 38.4.0
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.1
mozilla firefox 38.1.1
CVE-2016-1970 MEDIUM

Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-1971 MEDIUM

The I420VideoFrame::CreateFrame function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows omits an unspecified status check, which might allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-1972 MEDIUM

Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-1973 MEDIUM

Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
oracle linux 6
oracle linux 7
oracle linux 5.0
CVE-2016-1974 MEDIUM

The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1975 MEDIUM

Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
webrtc_project webrtc -
CVE-2016-1976 MEDIUM

Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
webrtc_project webrtc -
CVE-2016-1977 MEDIUM

The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-1978 HIGH

Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla network_security_services *
CVE-2016-1979 MEDIUM

Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla network_security_services *
CVE-2016-2790 MEDIUM

The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2791 MEDIUM

The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2792 MEDIUM

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2793 MEDIUM

CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2794 HIGH

The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2795 MEDIUM

The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2796 MEDIUM

Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2797 MEDIUM

The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2798 MEDIUM

The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2799 HIGH

Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2800 MEDIUM

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2801 MEDIUM

The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2797.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2802 MEDIUM

The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
oracle linux 6
oracle linux 7
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.2.0
sil graphite2 *
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
oracle linux 5.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2803 MEDIUM

Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bugzilla 3.4.2
mozilla bugzilla 2.2
mozilla bugzilla 4.4.2
mozilla bugzilla 3.3
mozilla bugzilla 3.4.5
mozilla bugzilla 4.4.4
mozilla bugzilla 3.0.11
mozilla bugzilla 2.16.4
mozilla bugzilla 3.7
mozilla bugzilla 4.2.1
mozilla bugzilla 2.18.9
mozilla bugzilla 4.1.1
mozilla bugzilla 2.21.1
mozilla bugzilla 2.16.9
mozilla bugzilla 4.3.1
mozilla bugzilla 2.16
mozilla bugzilla 4.2.8
mozilla bugzilla 3.2.8
mozilla bugzilla 4.0.8
mozilla bugzilla 4.4.1
mozilla bugzilla 3.0.4
mozilla bugzilla 2.18.2
mozilla bugzilla 4.0.3
mozilla bugzilla 4.2.10
mozilla bugzilla 3.0.10
mozilla bugzilla 3.0.3
mozilla bugzilla 4.3
mozilla bugzilla 3.5
mozilla bugzilla 5.0.2
mozilla bugzilla 4.1
mozilla bugzilla 2.16.3
mozilla bugzilla 3.4.3
mozilla bugzilla 3.4.13
mozilla bugzilla 4.2.12
mozilla bugzilla 2.23.3
mozilla bugzilla 4.0.15
mozilla bugzilla 3.0.8
mozilla bugzilla 3.4.12
mozilla bugzilla 2.20.2
mozilla bugzilla 3.6.7
mozilla bugzilla 2.18.4
mozilla bugzilla 2.21.2
mozilla bugzilla 4.5.5
mozilla bugzilla 2.20
mozilla bugzilla 2.20.3
mozilla bugzilla 4.0.6
mozilla bugzilla 2.22.6
mozilla bugzilla 4.0.9
mozilla bugzilla 4.1.3
mozilla bugzilla 2.18.8
mozilla bugzilla 4.0.2
mozilla bugzilla 4.2.3
mozilla bugzilla 3.4
mozilla bugzilla 3.5.2
mozilla bugzilla 5.0
mozilla bugzilla 4.0.17
mozilla bugzilla 4.2.14
mozilla bugzilla 2.18.6+
mozilla bugzilla 4.4.7
mozilla bugzilla 3.2
mozilla bugzilla 4.0.7
mozilla bugzilla 4.2.7
mozilla bugzilla 2.17.2
mozilla bugzilla 3.2.10
mozilla bugzilla 2.17.7
mozilla bugzilla 3.4.8
mozilla bugzilla 4.2.13
mozilla bugzilla 2.22.2
mozilla bugzilla 3.6.5
mozilla bugzilla 3.6.13
mozilla bugzilla 2.19
mozilla bugzilla 2.6
mozilla bugzilla 2.16.2
mozilla bugzilla 4.2.5
mozilla bugzilla 2.22.3
mozilla bugzilla 4.2.9
mozilla bugzilla 3.1.1
mozilla bugzilla 3.4.4
mozilla bugzilla 4.4.3
mozilla bugzilla 4.4.11
mozilla bugzilla 2.16.7
mozilla bugzilla 2.20.4
mozilla bugzilla 4.3.3
mozilla bugzilla 4.2.2
mozilla bugzilla 3.3.4
mozilla bugzilla 2.17.5
mozilla bugzilla 3.2.6
mozilla bugzilla 2.16.8
mozilla bugzilla 3.4.9
mozilla bugzilla 4.0
mozilla bugzilla 2.18.7
mozilla bugzilla 4.2.4
mozilla bugzilla 3.0.0
mozilla bugzilla 3.4.1
mozilla bugzilla 3.6.2
mozilla bugzilla 2.23.4
mozilla bugzilla 4.2.15
mozilla bugzilla 4.3.2
mozilla bugzilla 3.2.9
mozilla bugzilla 3.6.10
mozilla bugzilla 3.1.3
mozilla bugzilla 4.0.14
mozilla bugzilla 3.6.8
mozilla bugzilla 3.4.14
mozilla bugzilla 2.18.1
mozilla bugzilla 3.6.1
mozilla bugzilla 2.17
mozilla bugzilla 3.0.9
mozilla bugzilla 2.18.3
mozilla bugzilla 2.22.4
mozilla bugzilla 4.4.5
mozilla bugzilla 4.5.4
mozilla bugzilla 3.6.9
mozilla bugzilla 3.4.10
mozilla bugzilla 3.7.2
mozilla bugzilla 4.5.6
mozilla bugzilla 2.16.6
mozilla bugzilla 3.0.1
mozilla bugzilla 2.19.1
mozilla bugzilla 3.6.3
mozilla bugzilla 4.1.2
mozilla bugzilla 3.2.4
mozilla bugzilla 3.2.1
mozilla bugzilla 4.4
mozilla bugzilla 2.22.1
mozilla bugzilla 3.0.5
mozilla bugzilla 2.16.10
mozilla bugzilla 2.18.5
mozilla bugzilla 2.16.1
mozilla bugzilla 2.19.3
mozilla bugzilla 3.0
mozilla bugzilla 4.2.6
mozilla bugzilla 4.0.16
mozilla bugzilla 3.5.3
mozilla bugzilla 3.3.3
mozilla bugzilla 2.19.2
mozilla bugzilla 4.0.13
mozilla bugzilla 2.9
mozilla bugzilla 3.4.11
mozilla bugzilla 2.23.1
mozilla bugzilla 4.4.6
mozilla bugzilla 2.23.2
mozilla bugzilla 2.18.6
mozilla bugzilla 4.5.1
mozilla bugzilla 4.5.2
mozilla bugzilla 2.18
mozilla bugzilla 3.0.2
mozilla bugzilla 2.17.1
mozilla bugzilla 2.20.7
mozilla bugzilla 3.6.4
mozilla bugzilla 2.17.6
mozilla bugzilla 4.0.12
mozilla bugzilla 2.20.6
mozilla bugzilla 4.0.10
mozilla bugzilla 3.2.2
mozilla bugzilla 3.0.7
mozilla bugzilla 3.2.5
mozilla bugzilla 3.1.0
mozilla bugzilla 3.2.7
mozilla bugzilla 2.16.11
mozilla bugzilla 3.4.7
mozilla bugzilla 3.6.0
mozilla bugzilla 3.6.11
mozilla bugzilla 3.6.6
mozilla bugzilla 4.0.11
mozilla bugzilla 4.4.9
mozilla bugzilla 2.22.5
mozilla bugzilla 3.6
mozilla bugzilla 3.1.4
mozilla bugzilla 2.23
mozilla bugzilla 3.3.2
mozilla bugzilla 2.16.5
mozilla bugzilla 3.7.3
mozilla bugzilla 2.17.4
mozilla bugzilla 4.0.5
mozilla bugzilla 3.7.1
mozilla bugzilla 4.0.4
mozilla bugzilla 4.5.3
mozilla bugzilla 3.1.2
mozilla bugzilla 2.16_rc2
mozilla bugzilla 3.5.1
mozilla bugzilla 2.22
mozilla bugzilla 2.20.5
mozilla bugzilla 3.4.6
mozilla bugzilla 4.0.18
mozilla bugzilla 2.8
mozilla bugzilla 3.0.6
mozilla bugzilla 2.21
mozilla bugzilla 4.2.11
mozilla bugzilla 2.4
mozilla bugzilla 5.0.1
mozilla bugzilla 2.17.3
mozilla bugzilla 3.0_rc1
mozilla bugzilla 4.4.8
mozilla bugzilla 4.0.1
mozilla bugzilla 3.6.12
mozilla bugzilla 4.2
mozilla bugzilla 2.20.1
mozilla bugzilla 3.3.1
mozilla bugzilla 3.2.3
mozilla bugzilla 2.22.7
mozilla bugzilla 4.4.10
CVE-2016-2804 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.7.1
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.5.2
mozilla firefox 38.7.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2805 HIGH

Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
mozilla firefox_esr 38.3.0
mozilla firefox 38.7.1
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.7.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2806 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox 45.0.1
opensuse opensuse 13.1
opensuse opensuse 13.2
debian debian_linux 8.0
suse linux_enterprise 12.0
opensuse leap 42.1
CVE-2016-2807 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
opensuse leap 42.1
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.7.1
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox 38.2.1
mozilla firefox 38.0
suse linux_enterprise 12.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.7.0
mozilla firefox 45.0.1
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2808 MEDIUM

The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.7.1
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.7.0
mozilla firefox 45.0.1
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2809 MEDIUM

The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-2810 MEDIUM

Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved password.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-2811 MEDIUM

Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-2812 MEDIUM

Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-2813 MEDIUM

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-2814 MEDIUM

Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 38.0.1
mozilla firefox 38.0.5
mozilla firefox_esr 38.1.0
mozilla firefox_esr 38.3.0
mozilla firefox *
mozilla firefox 38.7.1
mozilla firefox 38.2.0
mozilla firefox_esr 38.2.1
mozilla firefox_esr 38.1.1
mozilla firefox_esr 38.2.0
mozilla firefox 38.1.0
mozilla firefox_esr 38.0.1
mozilla firefox 38.1.1
mozilla firefox 38.6.0
mozilla firefox 38.5.0
mozilla firefox_esr 38.0.5
mozilla firefox 38.2.1
mozilla firefox 38.0
mozilla firefox_esr 38.4.0
mozilla firefox 38.3.0
mozilla firefox 38.7.0
mozilla firefox 45.0.1
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.5.1
CVE-2016-2815 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
mozilla firefox_esr *
novell suse_linux_enterprise_software_development_kit 12.0
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
opensuse leap 42.1
canonical ubuntu_linux 16.04
mozilla firefox *
novell suse_linux_enterprise_server 12.0
CVE-2016-2816 MEDIUM

Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-2817 MEDIUM

The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-2818 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
mozilla firefox 45.1.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.2
redhat enterprise_linux_for_scientific_computing 6.0
redhat enterprise_linux_for_power_little_endian_eus 7.2
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_for_power_big_endian 7.0
opensuse leap 42.1
mozilla firefox 45.1.1
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_for_ibm_z_systems 5.0
mozilla firefox_esr 45.1.0
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_for_power_big_endian 5.0
redhat enterprise_linux_for_ibm_z_systems 6.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
novell suse_linux_enterprise_desktop 12.0
redhat enterprise_linux_for_power_little_endian 7.0
redhat enterprise_linux_for_power_big_endian 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.2
novell suse_linux_enterprise_software_development_kit 12.0
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.2
novell suse_linux_enterprise_server 12.0
redhat enterprise_linux_for_ibm_z_systems_eus 7.2
novell suse_package_hub_for_suse_linux_enterprise 12
redhat enterprise_linux_for_ibm_z_systems 7.0
mozilla firefox_esr 45.1.1
debian debian_linux 8.0
CVE-2016-2819 MEDIUM

Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
mozilla firefox 45.1.0
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
opensuse leap 42.1
mozilla firefox 45.1.1
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla firefox_esr 45.1.0
debian debian_linux 8.0
CVE-2016-2820 MEDIUM

The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-2821 MEDIUM

Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
mozilla firefox 45.1.0
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
opensuse leap 42.1
mozilla firefox 45.1.1
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla firefox_esr 45.1.0
debian debian_linux 8.0
CVE-2016-2822 MEDIUM

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
mozilla firefox 45.1.0
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
opensuse leap 42.1
mozilla firefox 45.1.1
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla firefox_esr 45.1.0
debian debian_linux 8.0
CVE-2016-2824 MEDIUM

The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by triggering use of a WebGL shader that writes to an array.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
opensuse opensuse 13.1
opensuse opensuse 13.2
opensuse leap 42.1
CVE-2016-2825 MEDIUM

Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
opensuse leap 42.1
CVE-2016-2826 HIGH

The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local users to gain privileges via a Trojan horse file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
CVE-2016-2827 MEDIUM

The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-2828 MEDIUM

Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
mozilla firefox 45.1.0
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
opensuse leap 42.1
mozilla firefox 45.1.1
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla firefox_esr 45.1.0
debian debian_linux 8.0
CVE-2016-2829 MEDIUM

Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
opensuse leap 42.1
CVE-2016-2830 MEDIUM

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-2831 MEDIUM

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,CWE-284,

Products Affected

Vendor Product Version
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
mozilla firefox 45.1.0
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
opensuse leap 42.1
mozilla firefox 45.1.1
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla firefox_esr 45.1.0
debian debian_linux 8.0
CVE-2016-2832 MEDIUM

Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
opensuse leap 42.1
CVE-2016-2833 MEDIUM

Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-254,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
opensuse opensuse 13.2
canonical ubuntu_linux 14.04
opensuse leap 42.1
CVE-2016-2834 HIGH

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 15.10
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_software_development_kit 12.0
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla network_security_services *
canonical ubuntu_linux 14.04
opensuse leap 42.1
canonical ubuntu_linux 16.04
mozilla firefox *
novell suse_linux_enterprise_server 12.0
CVE-2016-2835 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-2836 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-2837 MEDIUM

Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
oracle linux 6
oracle linux 7
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
oracle linux 5.0
CVE-2016-2838 MEDIUM

Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-2839 MEDIUM

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5250 MEDIUM

Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5251 MEDIUM

Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5252 MEDIUM

Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
oracle linux 6
oracle linux 7
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
oracle linux 5.0
CVE-2016-5253 MEDIUM

The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5254 HIGH

Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
oracle linux 6
oracle linux 7
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
oracle linux 5.0
CVE-2016-5255 MEDIUM

Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5256 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5257 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5258 MEDIUM

Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
oracle linux 6
oracle linux 7
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
oracle linux 5.0
CVE-2016-5259 MEDIUM

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
oracle linux 6
oracle linux 7
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
oracle linux 5.0
CVE-2016-5260 MEDIUM

Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5261 HIGH

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5262 MEDIUM

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
oracle linux 6
oracle linux 7
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
oracle linux 5.0
CVE-2016-5263 MEDIUM

The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-704,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
oracle linux 6
oracle linux 7
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
oracle linux 5.0
CVE-2016-5264 MEDIUM

Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
oracle linux 6
oracle linux 7
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
oracle linux 5.0
CVE-2016-5265 MEDIUM

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
oracle linux 6
oracle linux 7
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
oracle linux 5.0
CVE-2016-5266 MEDIUM

Mozilla Firefox before 48.0 does not properly restrict drag-and-drop (aka dataTransfer) actions for file: URIs, which allows user-assisted remote attackers to access local files via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5267 MEDIUM

Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5268 MEDIUM

Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI_SAFE_FOR_UNTRUSTED_CONTENT flags of about: URLs that are used for error pages, which makes it easier for remote attackers to conduct spoofing attacks via a crafted URL, as demonstrated by misleading text after an about:neterror?d= substring.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5270 HIGH

Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,CWE-787,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5271 MEDIUM

The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a "display: contents" Cascading Style Sheets (CSS) property.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5272 MEDIUM

The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5273 MEDIUM

The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5274 HIGH

Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5275 MEDIUM

Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5276 HIGH

Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5277 HIGH

Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5278 MEDIUM

Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox *
mozilla firefox 45.1.0
mozilla firefox_esr 45.1.0
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5279 MEDIUM

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5280 HIGH

Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirectional text.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox 45.0
mozilla firefox 45.0.2
mozilla firefox *
mozilla firefox 45.0.1
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5281 HIGH

Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox 45.0
mozilla firefox 45.0.2
mozilla firefox *
mozilla firefox 45.0.1
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5282 MEDIUM

Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5283 MEDIUM

Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5284 MEDIUM

Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 45.1.1
mozilla firefox 45.0
mozilla firefox 45.0.2
mozilla firefox *
mozilla firefox 45.0.1
mozilla firefox 45.2.0
mozilla firefox 45.3.0
CVE-2016-5285 MEDIUM

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
avaya breeze_platform *
redhat enterprise_linux 6.0
avaya meeting_exchange 6.2
avaya ip_office 9.1
avaya cs1000e/cs1000m_signaling_server_firmware *
avaya aura_session_manager *
avaya aura_conferencing 7.0
avaya aura_conferencing 7.2
debian debian_linux 10.0
avaya aura_communication_manager 7.0
avaya call_management_system *
avaya call_management_system 17.0
avaya one-x_client_enablement_services 6.2
redhat enterprise_linux 7.0
debian debian_linux 9.0
avaya aura_application_enablement_services 7.0
avaya message_networking *
suse linux_enterprise_server 11
avaya aura_experience_portal *
avaya aura_communication_manager_messagint 7.0
avaya aura_system_platform_firmware *
avaya cs1000e_firmware *
avaya aura_session_manager 7.0.1
avaya aura_messaging 6.3
avaya aura_application_server_5300 3.0
avaya session_border_controller_for_enterprise_firmware *
redhat enterprise_linux 5.0
avaya aura_messaging 6.3.3
avaya aura_application_enablement_services *
avaya aura_system_manager *
avaya cs1000m_firmware *
avaya proactive_contact *
avaya ip_office 8.1
avaya aura_conferencing 8.0
avaya aura_communication_manager *
avaya aura_utility_services *
avaya ip_office 10.0
debian debian_linux 8.0
mozilla nss *
avaya iq 5.2.x
avaya aura_session_manager 7.0
CVE-2016-5287 HIGH

A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox < 49.0.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5288 MEDIUM

Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox < 49.0.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5289 HIGH

Memory safety bugs were reported in Firefox 49. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5290 HIGH

Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 8.0
CVE-2016-5291 MEDIUM

A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 8.0
CVE-2016-5292 MEDIUM

During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5293 LOW

When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
debian debian_linux 8.0
CVE-2016-5294 LOW

The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2016-5295 MEDIUM

This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5296 MEDIUM

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 8.0
CVE-2016-5297 HIGH

An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 8.0
CVE-2016-5298 MEDIUM

A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-5299 MEDIUM

A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-275,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-7152 MEDIUM

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
microsoft edge -
microsoft internet_explorer -
apple safari *
google chrome -
opera opera -
CVE-2016-7153 MEDIUM

The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
microsoft edge -
microsoft internet_explorer -
apple safari *
google chrome -
opera opera_browser -
CVE-2016-8635 MEDIUM

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-358,CWE-320,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
mozilla network_security_services *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2016-9061 MEDIUM

A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-275,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9062 LOW

Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9063 HIGH

An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
mozilla firefox *
python python *
debian debian_linux 9.0
debian debian_linux 8.0
debian debian_linux 10.0
CVE-2016-9064 MEDIUM

Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user's connection to the update server and defeat the certificate pinning protection could provide a malicious signed add-on instead of a valid update. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2016-9065 MEDIUM

The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9066 MEDIUM

A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 8.0
CVE-2016-9067 MEDIUM

Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9068 MEDIUM

A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9069 MEDIUM

A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9070 MEDIUM

A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9071 MEDIUM

Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user's browser history. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9072 MEDIUM

When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9073 MEDIUM

WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9074 MEDIUM

An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 8.0
CVE-2016-9075 HIGH

An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9076 MEDIUM

An issue where a "<select>" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9077 MEDIUM

Canvas allows the use of the "feDisplacementMap" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. This vulnerability affects Firefox < 50.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9078 MEDIUM

Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50. This vulnerability affects Firefox < 50.0.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
mozilla firefox 50.0
mozilla firefox 49.0
CVE-2016-9079 MEDIUM

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
torproject tor -
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2016-9080 HIGH

Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.1.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9574 MEDIUM

nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECDHE-ECDSA.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-325,CWE-384,

Products Affected

Vendor Product Version
mozilla network_security_services *
CVE-2016-9893 HIGH

Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2016-9894 MEDIUM

A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9895 MEDIUM

Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2016-9896 MEDIUM

Use-after-free while manipulating the "navigator" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox < 50.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9897 MEDIUM

Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
mozilla firefox_esr *
debian debian_linux 8.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server 6.0
CVE-2016-9898 HIGH

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2016-9899 HIGH

Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2016-9900 MEDIUM

External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2016-9901 HIGH

HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_aus 7.4
redhat enterprise_linux_aus 7.3
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.5
CVE-2016-9902 MEDIUM

The Pocket toolbar button, once activated, listens for events fired from it's own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10s enabled. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2016-9903 MEDIUM

Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-on's context. This vulnerability affects Firefox < 50.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2016-9904 MEDIUM

An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2016-9905 MEDIUM

A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2017-11695 MEDIUM

Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla network_security_services -
CVE-2017-11696 MEDIUM

Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla network_security_services -
CVE-2017-11697 MEDIUM

The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla network_security_services -
CVE-2017-11698 MEDIUM

Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla network_security_services -
CVE-2017-17688 MEDIUM

The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
r2mail2 r2mail2 -
flipdogsolutions maildroid -
horde horde_imp -
emclient emclient -
microsoft outlook 2007
postbox-inc postbox -
apple mail -
bloop airmail -
freron mailmate -
roundcube webmail -
mozilla thunderbird -
CVE-2017-17689 MEDIUM

The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
flipdogsolutions maildroid -
postbox-inc postbox -
apple mail -
gnome evolution -
mozilla thunderbird -
microsoft outlook 2016
kde kmail -
kde trojita -
google gmail -
r2mail2 r2mail2 -
microsoft outlook 2010
horde horde_imp -
microsoft outlook 2013
emclient emclient -
microsoft outlook 2007
bloop airmail -
ibm notes -
freron mailmate -
9folders nine -
ritlabs the_bat -
CVE-2017-5373 HIGH

Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2017-5374 HIGH

Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5375 HIGH

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2017-5376 HIGH

Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5377 HIGH

A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5378 MEDIUM

Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5379 MEDIUM

Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5380 HIGH

A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5381 MEDIUM

The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5382 MEDIUM

Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5383 MEDIUM

URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5384 MEDIUM

Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed to be non-malicious, but if a user has enabled Web Proxy Auto Detect (WPAD) this file can be served remotely. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5385 MEDIUM

Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5386 HIGH

WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5387 LOW

The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the source page is loaded locally. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: LOW

Problem Type: CWE-538,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5388 MEDIUM

A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-770,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5389 MEDIUM

WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5390 HIGH

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5391 HIGH

Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5392 HIGH

Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5393 MEDIUM

The "mozAddonManager" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5394 MEDIUM

A location bar spoofing attack where the location bar of loaded page will be shown over the content of another tab due to a series of JavaScript events combined with fullscreen mode. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5395 MEDIUM

Malicious sites can display a spoofed location bar on a subsequently loaded page when the existing location bar on the new page is scrolled out of view if navigations between pages can be timed correctly. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5396 HIGH

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5397 HIGH

The cache directory on the local file system is set to be world writable. Firefox defaults to extracting libraries from this cache. This allows for the possibility of an installed malicious application or tools with write access to the file system to replace files used by Firefox with their own versions. This vulnerability affects Firefox < 51.0.3.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-829,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5398 HIGH

Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5399 HIGH

Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5400 HIGH

JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5401 HIGH

A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-388,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5402 HIGH

A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5403 HIGH

When adding a range to an object in the DOM, it is possible to use "addRange" to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5404 HIGH

A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5405 MEDIUM

Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1187,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5406 MEDIUM

A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5407 MEDIUM

Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5408 MEDIUM

Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5409 LOW

The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 45.8 and Firefox < 52.

CVSS 2.0

Severity: LOW

Problem Type: CWE-269,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2017-5410 HIGH

Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5411 MEDIUM

A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leading to a potentially exploitable crash. Note: This issue is in "libGLES", which is only in use on Windows. Other operating systems are not affected. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5412 MEDIUM

A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5413 HIGH

A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5414 MEDIUM

The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5415 MEDIUM

An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5416 MEDIUM

In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5417 MEDIUM

When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5418 MEDIUM

An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5419 HIGH

If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5420 MEDIUM

A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability affects Firefox < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5421 MEDIUM

A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5422 MEDIUM

If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making "view-source:" linkable. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5425 MEDIUM

The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of "/private/var" that could expose personal or temporary data. This has been updated to not allow access to "/private/var" and its subdirectories. Note: this issue only affects OS X. Other operating systems are not affected. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5426 MEDIUM

On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. Note: this issue only affects Linux. Other operating systems are not affected. This vulnerability affects Firefox < 52 and Thunderbird < 52.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2017-5427 LOW

A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files. This vulnerability affects Firefox < 52.

CVSS 2.0

Severity: LOW

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5428 HIGH

An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server_eus 7.5
CVE-2017-5429 HIGH

Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_workstation 6.0
mozilla firefox_esr *
mozilla firefox 52.0
debian debian_linux 8.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
CVE-2017-5430 HIGH

Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
CVE-2017-5432 HIGH

A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5433 HIGH

A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5434 HIGH

A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_workstation 6.0
mozilla firefox_esr *
mozilla firefox 52.0
debian debian_linux 8.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
CVE-2017-5435 HIGH

A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5436 MEDIUM

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
sil graphite2 -
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5438 HIGH

A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5439 HIGH

A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5440 HIGH

A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5441 HIGH

A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5442 HIGH

A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5443 HIGH

An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5444 MEDIUM

A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5445 MEDIUM

A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-129,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5446 HIGH

An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5447 MEDIUM

An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5448 HIGH

An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data within memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5449 MEDIUM

A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5450 MEDIUM

A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI. On Firefox for Android, the base domain is parsed incorrectly, making the resulting location less visibly a spoofed site and showing an incorrect domain in appended notifications. This vulnerability affects Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5451 MEDIUM

A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5452 MEDIUM

Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5453 MEDIUM

A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5454 MEDIUM

A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5455 MEDIUM

The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server_eus 7.5
CVE-2017-5456 HIGH

A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-732,

Products Affected

Vendor Product Version
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server_eus 7.5
CVE-2017-5458 MEDIUM

When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5459 HIGH

A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5460 HIGH

A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5461 HIGH

Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla network_security_services *
CVE-2017-5462 MEDIUM

A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-682,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
mozilla firefox 52.0
mozilla network_security_services *
debian debian_linux 8.0
CVE-2017-5463 MEDIUM

Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5464 HIGH

During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5465 MEDIUM

An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5466 MEDIUM

If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set incorrectly. This allows for a cross-site scripting (XSS) attack. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5467 MEDIUM

A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_workstation 6.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
CVE-2017-5468 MEDIUM

An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox < 53.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-665,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5469 HIGH

Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
mozilla firefox 52.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5470 HIGH

Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-5471 HIGH

Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-5472 HIGH

A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7502 MEDIUM

Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
mozilla network_security_services 3.25.1
mozilla network_security_services 3.26.2
mozilla network_security_services 3.29.1
mozilla network_security_services 3.30.0
mozilla network_security_services 3.29.0
mozilla network_security_services 3.29.3
mozilla network_security_services 3.29.2
mozilla network_security_services 3.27.2
mozilla network_security_services 3.28.3
mozilla network_security_services 3.27.0
mozilla network_security_services 3.24.0
mozilla network_security_services 3.28.1
mozilla network_security_services 3.30.1
mozilla network_security_services 3.28.0
mozilla network_security_services 3.26.0
mozilla network_security_services 3.27.1
mozilla network_security_services 3.28.2
mozilla network_security_services 3.25.0
CVE-2017-7749 HIGH

A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7750 HIGH

A use-after-free vulnerability during video control operations when a "<track>" element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7751 HIGH

A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7752 MEDIUM

A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7753 MEDIUM

An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7754 MEDIUM

An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7755 MEDIUM

The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-426,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2017-7756 HIGH

A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-7757 HIGH

A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-7758 MEDIUM

An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7759 MEDIUM

Android intent URLs given to Firefox for Android can be used to navigate from HTTP or HTTPS URLs to local "file:" URLs, allowing for the reading of local data through a violation of same-origin policy. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 54.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
google android -
CVE-2017-7760 MEDIUM

The Mozilla Windows updater modifies some files to be updated by reading the original file and applying changes to it. The location of the original file can be altered by a malicious user by passing a special path to the callback parameter through the Mozilla Maintenance Service, allowing the manipulation of files in the installation directory and privilege escalation by manipulating the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-417,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2017-7761 LOW

The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction (a form of symbolic link), protected files in the target directory of the junction can be deleted by the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.

CVSS 2.0

Severity: LOW

Problem Type: CWE-276,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2017-7762 MEDIUM

When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox < 54.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
mozilla firefox *
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
CVE-2017-7763 MEDIUM

Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-7764 MEDIUM

Characters from the "Canadian Syllabics" unicode block can be mixed with characters from other unicode blocks in the addressbar instead of being rendered as their raw "punycode" form, allowing for domain name spoofing attacks through character confusion. The current Unicode standard allows characters from "Aspirational Use Scripts" such as Canadian Syllabics to be mixed with Latin characters in the "moderately restrictive" IDN profile. We have changed Firefox behavior to match the upcoming Unicode version 10.0 which removes this category and treats them as "Limited Use Scripts.". This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-7765 MEDIUM

The "Mark of the Web" was not correctly saved on Windows when files with very long names were downloaded from the Internet. Without the Mark of the Web data, the security warning that Windows displays before running executables downloaded from the Internet is not shown. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2017-7766 MEDIUM

An attack using manipulation of "updater.ini" contents, used by the Mozilla Windows Updater, and privilege escalation through the Mozilla Maintenance Service to allow for arbitrary file execution and deletion by the Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2017-7767 LOW

The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary files with junk data using the Mozilla Windows Updater, which runs with the Maintenance Service's privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.

CVSS 2.0

Severity: LOW

Problem Type: CWE-269,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2017-7768 LOW

The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. The Mozilla Maintenance Service executes with privileged access, bypassing system protections against unprivileged users. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2017-7770 MEDIUM

A mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered, the addressbar will not be rendered. This would allow a malicious site to displayed a spoofed addressbar, showing the location of an arbitrary website instead of the one loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox < 54.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7771 MEDIUM

Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
sil graphite2 *
CVE-2017-7772 MEDIUM

Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
sil graphite2 *
CVE-2017-7773 MEDIUM

Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
sil graphite2 *
CVE-2017-7774 MEDIUM

Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
sil graphite2 *
CVE-2017-7776 MEDIUM

Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
sil graphite2 *
CVE-2017-7777 MEDIUM

Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
sil graphite2 *
CVE-2017-7778 HIGH

A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,CWE-125,CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
sil graphite2 *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2017-7779 HIGH

Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7780 HIGH

Memory safety bugs were reported in Firefox 54. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7781 MEDIUM

An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINT_AT_INFINITY" when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an attacked party computing an incorrect shared secret. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7782 MEDIUM

An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2017-7783 MEDIUM

If a long user name is used in a username/password combination in a site URL (such as " http://UserName:Password@example.com"), the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7784 HIGH

A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7785 HIGH

A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7786 HIGH

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7787 MEDIUM

Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7788 HIGH

When an "iframe" has a "sandbox" attribute and its content is specified using "srcdoc", that content does not inherit the containing page's Content Security Policy (CSP) as it should unless the sandbox attribute included "allow-same-origin". This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-74,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7789 MEDIUM

If a server sends two Strict-Transport-Security (STS) headers for a single connection, they will be rejected as invalid and HTTP Strict Transport Security (HSTS) will not be enabled for the connection. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7790 MEDIUM

On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7791 MEDIUM

On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7792 HIGH

A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7793 HIGH

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7794 MEDIUM

On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating systems are not affected. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-276,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7796 LOW

On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file named "update.log" instead of the one intended. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7797 MEDIUM

Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7798 MEDIUM

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7799 MEDIUM

JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting (XSS) attack. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7800 HIGH

A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7801 HIGH

A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7802 HIGH

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7803 MEDIUM

When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7804 MEDIUM

The destructor function for the "WindowsDllDetourPatcher" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2017-7805 MEDIUM

During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 7.0
mozilla firefox 52.4.0
debian debian_linux 9.0
debian debian_linux 8.0
mozilla firefox 56.0
mozilla thunderbird 52.4.0
CVE-2017-7806 MEDIUM

A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7807 MEDIUM

A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7808 MEDIUM

A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox < 55.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7809 HIGH

A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7810 HIGH

Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7811 HIGH

Memory safety bugs were reported in Firefox 55. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7812 MEDIUM

If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through "file:" URLs. This vulnerability affects Firefox < 56.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7813 MEDIUM

Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier syntax. This vulnerability affects Firefox < 56.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-704,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7814 MEDIUM

File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7815 MEDIUM

On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality. This vulnerability affects Firefox < 56.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7816 MEDIUM

WebExtensions could use popups and panels in the extension UI to load an "about:" privileged URL, violating security checks that disallow this behavior. This vulnerability affects Firefox < 56.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7817 MEDIUM

A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake address bar to be displayed. This allows an attacker to spoof which page is actually loaded and in use. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 56.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7818 HIGH

A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_server_eus 7.2
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7819 HIGH

A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2017-7820 MEDIUM

The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects Firefox < 56.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7821 HIGH

A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those document types. This vulnerability affects Firefox < 56.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-732,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7822 MEDIUM

The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances. This vulnerability affects Firefox < 56.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7823 MEDIUM

The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7824 HIGH

A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_aus 7.4
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.5
CVE-2017-7825 MEDIUM

Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2017-7826 HIGH

Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7827 HIGH

Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7828 HIGH

A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7829 MEDIUM

It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird < 52.5.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_eus 7.4
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_aus 7.4
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.5
CVE-2017-7830 MEDIUM

The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7831 MEDIUM

A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "_exposedProps_" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7832 MEDIUM

The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of 'i' followed by the same accent as a second character with most font sets. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7833 MEDIUM

Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7834 MEDIUM

A "data:" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when "data:" documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7835 HIGH

Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7836 MEDIUM

The "pingsender" executable used by the Firefox Health Report dynamically loads a system copy of libcurl, which an attacker could replace. This allows for privilege escalation as the replaced libcurl code will run with Firefox's privileges. Note: This attack requires an attacker have local system access and only affects OS X and Linux. Windows systems are not affected. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-427,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7837 MEDIUM

SVG loaded through "<img>" tags can use "<meta>" tags within the SVG data to set cookies for that page. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7838 MEDIUM

Punycode format text will be displayed for entire qualified international domain names in some instances when a sub-domain triggers the punycode display instead of the primary domain being displayed in native script and the sub-domain only displaying as punycode. This could be used for limited spoofing attacks due to user confusion. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7839 MEDIUM

Control characters prepended before "javascript:" URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks where users are convinced to copy and paste text into the addressbar. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7840 MEDIUM

JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks. If the resulting exported HTML file is later opened in a browser this JavaScript will be executed. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks if users were convinced to add malicious tags to bookmarks, export them, and then open the resulting file. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7842 MEDIUM

If a document's Referrer Policy attribute is set to "no-referrer" sometimes two network requests are made for "<link>" elements instead of one. One of these requests includes the referrer instead of respecting the set policy to not include a referrer on requests. This vulnerability affects Firefox < 57.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7843 MEDIUM

When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox ESR < 52.5.2 and Firefox < 57.0.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7844 MEDIUM

A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. This can allow a malicious website to query user history. Note: This issue only affects Firefox 57. Earlier releases are not affected. This vulnerability affects Firefox < 57.0.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2017-7845 HIGH

A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2017-7846 MEDIUM

It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2017-7847 MEDIUM

Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.5.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
debian debian_linux 7.0
mozilla thunderbird *
redhat enterprise_linux_aus 7.4
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_eus 7.5
CVE-2017-7848 MEDIUM

RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-10229 MEDIUM

A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
google chrome -
mozilla firefox -
lg nexus_5 -
CVE-2018-12358 MEDIUM

Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability affects Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-12359 MEDIUM

A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
mozilla thunderbird 52.9.1
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12360 MEDIUM

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12361 MEDIUM

An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 8.0
canonical ubuntu_linux 14.04
CVE-2018-12362 MEDIUM

An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12363 MEDIUM

A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12364 MEDIUM

NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12365 MEDIUM

A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12366 MEDIUM

An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12367 MEDIUM

In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTiming was not adjusted but it was found that it could be used as a precision timer. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 8.0
canonical ubuntu_linux 14.04
CVE-2018-12368 HIGH

Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the warning, unsuspecting users unfamiliar with this new file type might run an unwanted executable. This also allows a WebExtension with the limited downloads.open permission to execute arbitrary code without user interaction on Windows 10 systems. *Note: this issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2018-12369 HIGH

WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR < 60.1 and Firefox < 61.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-863,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
mozilla firefox_esr *
canonical ubuntu_linux 14.04
CVE-2018-12370 MEDIUM

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox < 61.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-12371 MEDIUM

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2018-12372 MEDIUM

Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux 7.6
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux 7.5
CVE-2018-12373 MEDIUM

dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux 7.6
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux 7.5
CVE-2018-12374 MEDIUM

Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux 7.6
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux 7.5
CVE-2018-12375 MEDIUM

Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 14.04
CVE-2018-12376 HIGH

Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12377 HIGH

A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12378 HIGH

A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12379 MEDIUM

When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12381 MEDIUM

Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.*. This vulnerability affects Firefox ESR < 60.2 and Firefox < 62.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-610,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2018-12382 MEDIUM

The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded domain out of view to the right. This can lead to user confusion. *This vulnerability only affects Firefox for Android < 62.*

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox 62.0
CVE-2018-12383 LOW

If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Firefox < 62, Firefox ESR < 60.2.1, and Thunderbird < 60.2.1.

CVSS 2.0

Severity: LOW

Problem Type: CWE-522,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12384 MEDIUM

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-335,

Products Affected

Vendor Product Version
mozilla network_security_services *
CVE-2018-12385 MEDIUM

A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup crash for users switching between the Nightly and Release versions of Firefox if the same profile is used. This vulnerability affects Thunderbird < 60.2.1, Firefox ESR < 60.2.1, and Firefox < 62.0.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12386 MEDIUM

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-704,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
CVE-2018-12387 MEDIUM

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server 6.0
CVE-2018-12388 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-12389 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.3 and Thunderbird < 60.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12390 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12391 HIGH

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-863,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2018-12392 HIGH

When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12393 MEDIUM

A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12395 MEDIUM

By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12396 MEDIUM

A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12397 LOW

A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12398 MEDIUM

By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy (CSP). This vulnerability affects Firefox < 63.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-12399 MEDIUM

When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. This vulnerability affects Firefox < 63.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-12400 MEDIUM

In private browsing mode on Firefox for Android, favicons are cached in the cache/icons folder as they are in non-private mode. This allows information leakage of sites visited during private browsing sessions. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-12401 MEDIUM

Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service (DOS) attacks. This vulnerability affects Firefox < 63.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-12402 MEDIUM

The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources otherwise unreachable to the malicious page, if they can convince the visitor to save the complete web page. Similarly, SameSite cookies are sent on cross-origin requests when the "Save Page As..." menu item is selected to save a page, which can result in saving the wrong version of resources based on those cookies. This vulnerability affects Firefox < 63.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-12403 MEDIUM

If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox < 63.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-12404 MEDIUM

A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla network_security_services *
CVE-2018-12405 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-12406 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 64.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-12407 HIGH

A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox < 64.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-14498 MEDIUM

get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.0
mozilla mozjpeg *
fedoraproject fedora 28
libjpeg-turbo libjpeg-turbo *
debian debian_linux 8.0
CVE-2018-18492 HIGH

A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-18493 HIGH

A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-18494 MEDIUM

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-18495 MEDIUM

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-18496 MEDIUM

When the RSS Feed preview about:feeds page is framed within another page, it can be used in concert with scripted content for a clickjacking attack that confuses users into downloading and executing an executable file from a temporary directory. *Note: This issue only affects Windows operating systems. Other operating systems are not affected.*. This vulnerability affects Firefox < 64.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-18497 MEDIUM

Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox < 64.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-18498 HIGH

A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-18499 MEDIUM

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2018-18500 HIGH

A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-18501 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-18502 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 65.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-18503 MEDIUM

When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < 65.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-18504 HIGH

A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers. This vulnerability affects Firefox < 65.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 18.10
canonical ubuntu_linux 14.04
CVE-2018-18505 HIGH

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-18506 MEDIUM

When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability affects Firefox < 65.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_tus 8.6
opensuse leap 15.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 8.2
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
opensuse leap 42.3
redhat enterprise_linux_server 7.0
canonical ubuntu_linux 16.04
redhat enterprise_linux 8.0
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
redhat enterprise_linux_eus 8.6
redhat enterprise_linux_server_aus 8.6
redhat enterprise_linux_server_aus 8.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_eus 8.1
redhat enterprise_linux_server_tus 8.4
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_eus 8.4
canonical ubuntu_linux 14.04
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_eus 8.2
redhat enterprise_linux_server_aus 8.4
debian debian_linux 8.0
CVE-2018-18508 MEDIUM

In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
siemens ruggedcom_rox_mx5000_firmware *
siemens ruggedcom_rox_rx5000_firmware *
siemens ruggedcom_rox_rx1512_firmware *
siemens ruggedcom_rox_rx1500_firmware *
siemens ruggedcom_rox_rx1511_firmware *
mozilla network_security_services *
siemens ruggedcom_rox_rx1400_firmware *
siemens ruggedcom_rox_rx1501_firmware *
siemens ruggedcom_rox_rx1510_firmware *
CVE-2018-18509 MEDIUM

A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker to reuse a valid S/MIME signature to craft an email message with arbitrary content. This vulnerability affects Thunderbird < 60.5.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-347,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2018-18510 MEDIUM

The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a non-persistent denial of service (DOS) attack by a malicious site which links to these pages. This vulnerability affects Firefox < 64.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-18511 MEDIUM

Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox < 65.0.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox 65.0
CVE-2018-18512 HIGH

A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2018-18513 MEDIUM

A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird < 60.5.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2018-5089 HIGH

Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5090 HIGH

Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5091 HIGH

A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5092 HIGH

A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5093 MEDIUM

A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5094 MEDIUM

A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5095 HIGH

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,CWE-908,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5096 HIGH

A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Thunderbird < 52.6.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
mozilla firefox *
mozilla thunderbird *
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5097 HIGH

A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5098 HIGH

A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5099 HIGH

A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5100 MEDIUM

A use-after-free vulnerability can occur when arguments passed to the "IsPotentiallyScrollable" function are freed while still in use by scripts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5101 MEDIUM

A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5102 HIGH

A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5103 HIGH

A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5104 HIGH

A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5105 HIGH

WebExtensions can bypass user prompts to first save and then open an arbitrarily downloaded file. This can result in an executable file running with local user privileges without explicit user consent. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5106 MEDIUM

Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor information used within Developer Tools to leak cross-origin. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5107 MEDIUM

The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The printing process requires files in a specific format so arbitrary data cannot be read but it is possible that some local file information could be exposed. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5108 MEDIUM

A Blob URL can violate origin attribute segregation, allowing it to be accessed from a private browsing tab and for data to be passed between the private browsing tab and a normal tab. This could allow for the leaking of private information specific to the private browsing context. This issue is mitigated by the requirement that the user enter the Blob URL manually in order for the access violation to occur. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5109 MEDIUM

An audio capture session can started under an incorrect origin from the site making the capture request. Users are still prompted to allow the request but the prompt can display the wrong origin, leading to user confusion about which site is making the request to capture an audio stream. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5110 MEDIUM

If cursor visibility is toggled by script using from 'none' to an image and back through script, the cursor will be rendered temporarily invisible within Firefox. Note: This vulnerability only affects OS X. Other operating systems are not affected. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-5111 MEDIUM

When the text of a specially formatted URL is dragged to the addressbar from page content, the displayed URL can be spoofed to show a different site than the one loaded. This allows for phishing attacks where a malicious page can spoof the identify of another site. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5112 MEDIUM

Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-552,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5113 MEDIUM

The "browser.identity.launchWebAuthFlow" function of WebExtensions is only allowed to load content over "https:" but this requirement was not properly enforced. This can potentially allow privileged pages to be loaded by the extension. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-862,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5114 MEDIUM

If an existing cookie is changed to be "HttpOnly" while a document is open, the original value remains accessible through script until that document is closed. Network requests correctly use the changed HttpOnly cookie. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5115 MEDIUM

If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. Although the prompt contains the real domain making the request, this can result in user confusion about the originating site of the authentication request and may cause users to mistakenly send private credential information to a third party site. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5116 HIGH

WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with this permission. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-346,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5117 MEDIUM

If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displayed as a location, which can mislead users to believe they are on a different site than the one loaded. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.3
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_server_eus 7.3
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5118 MEDIUM

The screenshot images displayed in the Activity Stream page displayed when a new tab is opened is created from the meta tags of websites. An issue was discovered where the page could attempt to create these images through "file:" URLs from the local file system. This loading is blocked by the sandbox but could expose local data if combined with another attack that escapes sandbox protections. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5119 MEDIUM

The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in reader view. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5121 MEDIUM

Low descenders on some Tibetan characters in several fonts on OS X are clipped when rendered in the addressbar. When used as part of an Internationalized Domain Name (IDN) this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-5122 HIGH

A potential integer overflow in the "DoCrypt" function of WebCrypto was identified. If a means was found of exploiting it, it could result in an out-of-bounds write. This vulnerability affects Firefox < 58.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5123 MEDIUM

A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla bugzilla *
CVE-2018-5124 MEDIUM

Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-5125 MEDIUM

Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5126 HIGH

Memory safety bugs were reported in Firefox 58. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5127 MEDIUM

A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5128 HIGH

A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations. This results in a potentially exploitable crash. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5129 MEDIUM

A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5130 MEDIUM

When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5131 MEDIUM

Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessible to users if they share a common profile while browsing. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5132 MEDIUM

The Find API for WebExtensions can search some privileged pages, such as "about:debugging", if these pages are open in a tab. This could allow a malicious WebExtension to search for otherwise protected data if a user has it open. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5133 MEDIUM

If the "app.support.baseURL" preference is changed by a malicious local program to contain HTML and script content, this content is not sanitized. It will be executed if a user loads "chrome://browser/content/preferences/in-content/preferences.xul" directly in a tab and executes a search. This stored preference is also executed whenever an EME video player plugin displays a CDM-disabled message as a notification message. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5134 MEDIUM

WebExtensions may use "view-source:" URLs to view local "file:" URL content, as well as content stored in "about:cache", bypassing restrictions that only allow WebExtensions to view specific content. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-5135 MEDIUM

WebExtensions can bypass normal restrictions in some circumstances and use "browser.tabs.executeScript" to inject scripts into contexts where this should not be allowed, such as pages from other WebExtensions or unprivileged "about:" pages. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-862,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-5136 MEDIUM

A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5137 MEDIUM

A legacy extension's non-contentaccessible, defined resources can be loaded by an arbitrary web page through script. This script does this by using a maliciously crafted path string to reference the resources. Note: this vulnerability does not affect WebExtensions. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5138 MEDIUM

A spoofing vulnerability can occur when a malicious site with an extremely long domain name is opened in an Android Custom Tab (a browser panel inside another app) and the default browser is Firefox for Android. This could allow an attacker to spoof which page is actually loaded and in use. Note: this issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-5140 MEDIUM

Image for moz-icons can be accessed through the "moz-icon:" protocol through script in web content even when otherwise prohibited. This could allow for information leakage of which applications are associated with specific MIME types by a malicious page. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5141 MEDIUM

A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service (DOS) attack or to display unwanted content from arbitrary URLs to users. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5142 MEDIUM

If Media Capture and Streams API permission is requested from documents with "data:" or "blob:" URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown protocol" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5143 MEDIUM

URLs using "javascript:" have the protocol removed when pasted into the addressbar to protect users from cross-site scripting (XSS) attacks, but if a tab character is embedded in the "javascript:" URL the protocol is not removed and the script will execute. This could allow users to be socially engineered to run an XSS attack against themselves. This vulnerability affects Firefox < 59.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5144 HIGH

An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_server_eus 7.2
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5145 HIGH

Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_tus 7.4
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5146 MEDIUM

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_tus 7.4
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 7.4
debian debian_linux 8.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server 6.0
CVE-2018-5147 HIGH

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
debian debian_linux 7.0
mozilla firefox *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 8.0
CVE-2018-5148 HIGH

A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.7.3 and Firefox < 59.0.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5150 HIGH

Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5151 HIGH

Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5152 MEDIUM

WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For example, this allows for the interception of username and an encrypted password during login to Firefox Accounts. This issue does not expose synchronization traffic directly and is limited to the process of user login to the website and the data displayed to the user once logged in. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5153 MEDIUM

If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5154 HIGH

A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5155 HIGH

A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5156 HIGH

A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5157 MEDIUM

Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-346,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5158 MEDIUM

The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5159 HIGH

An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5160 MEDIUM

WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,CWE-908,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5161 MEDIUM

Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5162 MEDIUM

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5163 MEDIUM

If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process' privileges, escaping the sandbox on content processes. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-281,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5164 MEDIUM

Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5165 MEDIUM

In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to select this setting intending to activate it and inadvertently turn protections off. This vulnerability affects Firefox < 60.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-5166 MEDIUM

WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5167 MEDIUM

The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display "javascript:" links, which users could be tricked into clicking by malicious sites. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5168 MEDIUM

Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5169 MEDIUM

If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5170 MEDIUM

It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5172 MEDIUM

The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site to socially engineer a user to copy and paste malicious script content that could then run with the context of either page but does not allow for privilege escalation. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5173 MEDIUM

The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5174 MEDIUM

In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won't prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
mozilla thunderbird_esr *
CVE-2018-5175 MEDIUM

A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the "require.js" library that is part of Firefox's Developer Tools, and then use a known technique using that library to bypass the CSP restrictions on executing injected scripts. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5176 MEDIUM

The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. This can allow for the theft of cookies and authorization tokens which are accessible to that context. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5177 MEDIUM

A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5178 MEDIUM

A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5179 MEDIUM

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-772,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2018-5180 MEDIUM

A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5181 MEDIUM

If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is to open it with the "noopener" keyword. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5182 MEDIUM

If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent "file:" URL. This vulnerability affects Firefox < 60.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5183 HIGH

Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5184 MEDIUM

Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-326,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5185 MEDIUM

Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
mozilla thunderbird_esr *
debian debian_linux 7.0
canonical ubuntu_linux 16.04
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-5186 HIGH

Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 61.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 17.10
canonical ubuntu_linux 14.04
CVE-2018-5187 HIGH

Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 8.0
canonical ubuntu_linux 14.04
CVE-2018-5188 HIGH

Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_eus 7.5
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
canonical ubuntu_linux 17.10
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2018-7753 HIGH

An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla bleach 2.1.2
mozilla bleach 2.1.1
mozilla bleach 2.1
CVE-2018-8024 MEDIUM

In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the user's view of the Spark UI. While some browsers like recent versions of Chrome and Safari are able to block this type of attack, current versions of Firefox (and possibly others) do not.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox -
apache spark *
apache spark 2.3.0
CVE-2019-11691 HIGH

A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11692 HIGH

A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11693 HIGH

The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue only occurs on Linux. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11694 MEDIUM

A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-755,CWE-908,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11695 MEDIUM

A custom cursor defined by scripting on a site can position itself over the addressbar to spoof the actual cursor when it should not be allowed outside of the primary web content area. This could be used by a malicious site to trick users into clicking on permission prompts, doorhanger notifications, or other buttons inadvertently if the location is spoofed over the user interface. This vulnerability affects Firefox < 67.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11696 MEDIUM

Files with the .JNLP extension used for "Java web start" applications are not treated as executable content for download prompts even though they can be executed if Java is installed on the local system. This could allow users to mistakenly launch an executable binary locally. This vulnerability affects Firefox < 67.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11697 MEDIUM

If the ALT and "a" keys are pressed when users receive an extension installation prompt, the extension will be installed without the install prompt delay that keeps the prompt visible in order for users to accept or decline the installation. A malicious web page could use this with spoofing on the page to trick users into installing a malicious extension. This vulnerability affects Firefox < 67.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11698 MEDIUM

If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11699 MEDIUM

A malicious page can briefly cause the wrong name to be highlighted as the domain name in the addressbar during page navigations. This could result in user confusion of which site is currently loaded for spoofing attacks. This vulnerability affects Firefox < 67.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11700 MEDIUM

A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 67.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-862,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11701 MEDIUM

The default webcal: protocol handler will load a web site vulnerable to cross-site scripting (XSS) attacks. This default was left in place as a legacy feature and has now been removed. *Note: this issue only affects users with an account on the vulnerable service. Other users are unaffected.*. This vulnerability affects Firefox < 67.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11702 MEDIUM

A hyperlink using protocols associated with Internet Explorer, such as IE.HTTP:, can be used to open local files at a known location with Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 67.0.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-862,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11703 HIGH

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2019-11704 HIGH

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2019-11705 HIGH

A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2019-11706 MEDIUM

A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-843,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2019-11707 HIGH

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-843,CWE-843,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11708 HIGH

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11709 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
opensuse leap 15.0
mozilla firefox_esr *
opensuse leap 15.1
debian debian_linux 8.0
suse package_hub -
CVE-2019-11710 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 68.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.0
opensuse leap 15.1
CVE-2019-11711 MEDIUM

When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 8.0
CVE-2019-11712 MEDIUM

POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11713 HIGH

A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11714 HIGH

Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 68.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11715 MEDIUM

Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11716 HIGH

Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes to be bypassed. This vulnerability affects Firefox < 68.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11717 MEDIUM

A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-116,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
opensuse leap 15.0
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox_esr *
opensuse leap 15.1
debian debian_linux 8.0
CVE-2019-11718 MEDIUM

Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised. This vulnerability affects Firefox < 68.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.0
opensuse leap 15.1
CVE-2019-11719 MEDIUM

When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11720 MEDIUM

Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox < 68.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.0
opensuse leap 15.1
CVE-2019-11721 MEDIUM

The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.0
opensuse leap 15.1
CVE-2019-11723 MEDIUM

A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This vulnerability affects Firefox < 68.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.0
opensuse leap 15.1
CVE-2019-11724 MEDIUM

Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks. This vulnerability affects Firefox < 68.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.0
opensuse leap 15.1
CVE-2019-11725 MEDIUM

When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing protections. This vulnerability affects Firefox < 68.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.0
opensuse leap 15.1
CVE-2019-11727 MEDIUM

A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11728 MEDIUM

The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects Firefox < 68.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-668,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.0
opensuse leap 15.1
CVE-2019-11729 MEDIUM

Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11730 MEDIUM

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
opensuse leap 15.0
mozilla firefox_esr *
opensuse leap 15.1
debian debian_linux 8.0
suse package_hub -
CVE-2019-11733 MEDIUM

When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2019-11734 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11735 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.0
mozilla firefox_esr *
opensuse leap 15.1
CVE-2019-11736 MEDIUM

The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allowing for potential local file and directory manipulation to be undetected in some circumstances. This allows for potential privilege escalation by a user with unprivileged local access. <br>*Note: These attacks requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 1.0 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2019-11737 MEDIUM

If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-345,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11738 MEDIUM

If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 2.8 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.0
mozilla firefox_esr *
opensuse leap 15.1
CVE-2019-11739 MEDIUM

Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 68.1 and Thunderbird < 60.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2019-11740 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
opensuse leap 15.0
mozilla firefox_esr *
opensuse leap 15.1
canonical ubuntu_linux 19.04
CVE-2019-11741 MEDIUM

A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these sites within the browser can potentially be used to modify a user's Firefox configuration. These two sites will now be isolated into their own process and not allowed to be loaded in a standard content process. This vulnerability affects Firefox < 69.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11742 MEDIUM

A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a &lt;canvas&gt; element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-829,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11743 MEDIUM

Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.7 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 2.2 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11744 MEDIUM

Some HTML elements, such as &lt;title&gt; and &lt;textarea&gt;, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11745 MEDIUM

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
siemens ruggedcom_rox_mx5000_firmware *
canonical ubuntu_linux 18.04
mozilla firefox_esr *
canonical ubuntu_linux 19.10
siemens ruggedcom_rox_rx1501_firmware *
siemens ruggedcom_rox_rx1510_firmware *
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_server_aus 6.6
siemens ruggedcom_rox_rx5000_firmware *
siemens ruggedcom_rox_rx1512_firmware *
mozilla thunderbird *
opensuse leap 15.1
siemens ruggedcom_rox_rx1500_firmware *
debian debian_linux 9.0
siemens ruggedcom_rox_rx1511_firmware *
siemens ruggedcom_rox_rx1400_firmware *
CVE-2019-11746 MEDIUM

A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11747 MEDIUM

The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the user specifies an http: URL rather than secure https: they will not be protected by the pre-loaded HSTS setting. After that visit the site's HSTS setting will be restored. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-665,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2019-11748 MEDIUM

WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the possibility of trusted WebRTC resources being invisibly embedded in web content and abusing permissions previously given by users. Users will now be prompted for permissions on each use. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-281,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2019-11749 MEDIUM

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2019-11750 MEDIUM

A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-843,CWE-908,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2019-11751 MEDIUM

Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. <br>*Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-88,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2019-11752 HIGH

It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11753 MEDIUM

The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can run with elevated privileges during the update process due to a lack of integrity checks. This allows for privilege escalation if the executable has been replaced locally. <br>*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69, Firefox ESR < 60.9, and Firefox ESR < 68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-354,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2019-11754 MEDIUM

When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. This vulnerability affects Firefox < 69.0.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11755 MEDIUM

A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted message. Previous versions had only suppressed showing a digital signature for messages with an outer multipart/signed layer. This vulnerability affects Thunderbird < 68.1.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-347,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2019-11756 MEDIUM

Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-11757 MEDIUM

When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11758 MEDIUM

Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11759 MEDIUM

An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11760 MEDIUM

A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11761 MEDIUM

By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-862,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11762 MEDIUM

If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11763 MEDIUM

Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11764 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-11765 MEDIUM

A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process, if the user accepted the permission request an attacker-controlled permission would be granted rather than the 'Click to Play' permission. This vulnerability affects Firefox < 70.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-276,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-17000 MEDIUM

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox < 70.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-17001 MEDIUM

A Content-Security-Policy that blocks in-line scripts could be bypassed using an object tag to execute JavaScript in the protected document (cross-site scripting). This is a separate bypass from CVE-2019-17000.*Note: This flaw only affected Firefox 69 and was not present in earlier versions.*. This vulnerability affects Firefox < 70.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox 69.0
CVE-2019-17002 MEDIUM

If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https. This vulnerability affects Firefox < 70.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-17003

Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-17005 MEDIUM

The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
canonical ubuntu_linux 19.10
CVE-2019-17006 HIGH

In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-119,

Products Affected

Vendor Product Version
siemens ruggedcom_rox_mx5000_firmware *
netapp hci_management_node -
netapp hci_storage_node -
mozilla network_security_services *
siemens ruggedcom_rox_rx1501_firmware *
siemens ruggedcom_rox_rx1510_firmware *
siemens ruggedcom_rox_rx5000_firmware *
siemens ruggedcom_rox_rx1512_firmware *
siemens ruggedcom_rox_rx1500_firmware *
netapp hci_compute_node -
netapp solidfire -
siemens ruggedcom_rox_rx1511_firmware *
siemens ruggedcom_rox_rx1400_firmware *
CVE-2019-17007 MEDIUM

In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
siemens ruggedcom_rox_mx5000_firmware *
siemens ruggedcom_rox_rx5000_firmware *
siemens ruggedcom_rox_rx1512_firmware *
siemens ruggedcom_rox_rx1500_firmware *
siemens ruggedcom_rox_rx1511_firmware *
mozilla network_security_services *
siemens ruggedcom_rox_rx1400_firmware *
siemens ruggedcom_rox_rx1501_firmware *
siemens ruggedcom_rox_rx1510_firmware *
CVE-2019-17008 MEDIUM

When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
CVE-2019-17009 MEDIUM

When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
CVE-2019-17010 MEDIUM

Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
canonical ubuntu_linux 19.10
CVE-2019-17011 MEDIUM

Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
canonical ubuntu_linux 19.10
CVE-2019-17012 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
canonical ubuntu_linux 19.10
CVE-2019-17013 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 71.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-17014 MEDIUM

If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox < 71.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N 2.8 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-17015 MEDIUM

During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2019-17016 MEDIUM

When pasting a &lt;style&gt; tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 19.10
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
debian debian_linux 10.0
canonical ubuntu_linux 19.04
redhat enterprise_linux_server_aus 7.7
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_tus 7.7
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2019-17017 MEDIUM

Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-843,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 19.10
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
debian debian_linux 10.0
canonical ubuntu_linux 19.04
redhat enterprise_linux_server_aus 7.7
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_tus 7.7
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2019-17018 MEDIUM

When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard. This vulnerability affects Firefox < 72.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-17019 MEDIUM

When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 72.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-17020 MEDIUM

If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document. This vulnerability affects Firefox < 72.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-611,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 19.10
canonical ubuntu_linux 19.04
CVE-2019-17021 LOW

During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
opensuse leap 15.1
CVE-2019-17022 MEDIUM

When pasting a &lt;style&gt; tag from the clipboard into a rich text editor, the CSS sanitizer does not escape &lt; and &gt; characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
canonical ubuntu_linux 19.10
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 7.0
debian debian_linux 10.0
canonical ubuntu_linux 19.04
redhat enterprise_linux_server_aus 7.7
canonical ubuntu_linux 16.04
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_tus 7.7
debian debian_linux 8.0
redhat enterprise_linux_server 6.0
CVE-2019-17023 MEDIUM

After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
canonical ubuntu_linux 19.10
debian debian_linux 10.0
canonical ubuntu_linux 19.04
CVE-2019-17024 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_desktop 7.0
mozilla firefox_esr *
redhat enterprise_linux_server_tus 8.2
canonical ubuntu_linux 19.10
redhat enterprise_linux_server 7.0
redhat enterprise_linux_eus 7.7
debian debian_linux 10.0
canonical ubuntu_linux 19.04
redhat enterprise_linux_server_aus 7.7
canonical ubuntu_linux 16.04
redhat enterprise_linux 8.0
mozilla firefox *
redhat enterprise_linux_workstation 6.0
debian debian_linux 9.0
redhat enterprise_linux_server_aus 8.2
redhat enterprise_linux_server 6.0
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_eus 8.1
redhat enterprise_linux_server_tus 8.4
redhat enterprise_linux_eus 8.4
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_eus 8.2
opensuse leap 15.1
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux_server_tus 7.7
debian debian_linux 8.0
CVE-2019-17025 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 72.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
canonical ubuntu_linux 19.10
canonical ubuntu_linux 19.04
CVE-2019-17026 MEDIUM

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-843,CWE-843,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-7317 LOW

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-416,

Products Affected

Vendor Product Version
redhat enterprise_linux 6.0
redhat enterprise_linux_for_scientific_computing 7.0
redhat enterprise_linux_for_power_little_endian 8.0
opensuse leap 15.0
redhat enterprise_linux_desktop 7.0
oracle java_se 7u221
redhat enterprise_linux_for_power_big_endian 7.0
canonical ubuntu_linux 16.04
redhat enterprise_linux 7.0
debian debian_linux 9.0
canonical ubuntu_linux 18.10
oracle jdk 11.0.3
netapp active_iq_unified_manager 9.6
netapp cloud_backup -
netapp active_iq_unified_manager *
redhat enterprise_linux_for_ibm_z_systems 6.0
mozilla firefox -
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 18.04
redhat enterprise_linux_for_power_little_endian 7.0
libpng libpng *
oracle mysql *
hpe xp7_command_view_advanced_edition_suite *
redhat enterprise_linux_workstation 7.0
oracle jdk 12.0.1
netapp e-series_santricity_unified_manager *
opensuse leap 15.1
redhat enterprise_linux_for_ibm_z_systems 7.0
oracle java_se 8u212
netapp e-series_santricity_storage_manager *
redhat satellite 5.8
netapp e-series_santricity_management -
opensuse leap 42.3
mozilla thunderbird -
redhat enterprise_linux_for_scientific_computing 6.0
canonical ubuntu_linux 19.04
redhat enterprise_linux_for_ibm_z_systems 8.0
netapp plug-in_for_symantec_netbackup -
netapp oncommand_insight *
netapp oncommand_workflow_automation *
redhat enterprise_linux 8.0
redhat enterprise_linux_workstation 6.0
netapp snapmanager *
hp xp7_command_view *
redhat enterprise_linux_for_power_big_endian 6.0
netapp steelstore -
netapp e-series_santricity_web_services *
opensuse package_hub -
oracle hyperion_infrastructure_technology 11.2.6.0
debian debian_linux 8.0
netapp snapmanager 3.4.2
CVE-2019-9788 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux 8.0
redhat enterprise_linux_eus 8.1
redhat enterprise_linux_eus 8.2
redhat enterprise_linux_server_tus 8.4
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux_server_tus 8.2
redhat enterprise_linux_eus 8.4
redhat enterprise_linux_server_aus 8.2
CVE-2019-9789 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 65. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9790 HIGH

A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9791 HIGH

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-843,

Products Affected

Vendor Product Version
redhat enterprise_linux 8.0
redhat enterprise_linux_eus 8.1
redhat enterprise_linux_eus 8.2
redhat enterprise_linux_server_tus 8.4
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux_server_tus 8.2
redhat enterprise_linux_eus 8.4
redhat enterprise_linux_server_aus 8.2
CVE-2019-9792 HIGH

The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux 8.0
redhat enterprise_linux_eus 8.1
redhat enterprise_linux_eus 8.2
redhat enterprise_linux_server_tus 8.4
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux_server_tus 8.2
redhat enterprise_linux_eus 8.4
redhat enterprise_linux_server_aus 8.2
CVE-2019-9793 MEDIUM

A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create an arbitrary value in compiled JavaScript, for which the range analysis will infer a fully controlled, incorrect range in circumstances where users have explicitly disabled Spectre mitigations. *Note: Spectre mitigations are currently enabled for all users by default settings.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9794 HIGH

A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party applications and these applications insufficiently sanitize URL data. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-88,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9795 HIGH

A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-617,CWE-843,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9796 HIGH

A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the removal of the animation controller element, the refresh driver incorrectly leaves a dangling pointer to the driver's observer array. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9797 MEDIUM

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9798 MEDIUM

On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-426,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9799 MEDIUM

Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9800 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9801 MEDIUM

Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9802 MEDIUM

If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9803 MEDIUM

The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some circumstances, allowing for potential man-in-the-middle attacks on the linked resources. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9804 HIGH

In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash on macOS. *Note: This issue only affects macOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9805 HIGH

A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox < 66.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-908,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9806 MEDIUM

A vulnerability exists during authorization prompting for FTP transaction where successive modal prompts are displayed and cannot be immediately dismissed. This allows for a denial of service (DOS) attack. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9807 MEDIUM

When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content. This could potentially be used for social engineering attacks. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9808 MEDIUM

If WebRTC permission is requested from documents with data: or blob: URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown origin" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9809 MEDIUM

If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These messages cannot be immediately dismissed, allowing for a denial of service (DOS) attack. This vulnerability affects Firefox < 66.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9810 MEDIUM

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux 8.0
redhat enterprise_linux_eus 8.1
redhat enterprise_linux_eus 8.2
redhat enterprise_linux_server_tus 8.4
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux_server_tus 8.2
redhat enterprise_linux_eus 8.4
redhat enterprise_linux_server_aus 8.2
CVE-2019-9811 MEDIUM

As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.3 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H 1.6 6.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
opensuse leap 15.0
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox_esr *
opensuse leap 15.1
debian debian_linux 8.0
CVE-2019-9812 MEDIUM

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.3 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H 2.8 5.8

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2019-9813 MEDIUM

Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-843,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9814 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 67.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2019-9815 MEDIUM

If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9816 MEDIUM

A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-843,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9817 MEDIUM

Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9818 MEDIUM

A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.3 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H 1.6 6.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9819 HIGH

A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-843,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9820 HIGH

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2019-9821 MEDIUM

A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox < 67.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12387 MEDIUM

A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-12388 HIGH

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2020-12389 HIGH

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2020-12390 HIGH

Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12391 MEDIUM

Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12392 LOW

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-22,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-12393 MEDIUM

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-12394 LOW

A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12395 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-12396 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12397 MEDIUM

By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla thunderbird *
canonical ubuntu_linux 19.10
CVE-2020-12398 MEDIUM

If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thunderbird < 68.9.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-319,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla thunderbird *
canonical ubuntu_linux 19.10
CVE-2020-12399 LOW

NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N 0.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
CVE-2020-12400 LOW

When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 1.0 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12401 LOW

During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 1.0 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12402 LOW

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N 0.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.1
debian debian_linux 9.0
fedoraproject fedora 32
opensuse leap 15.2
CVE-2020-12403 MEDIUM

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
mozilla nss *
CVE-2020-12404 MEDIUM

For native-to-JS bridging the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token could leak when used for downloading files. This vulnerability affects Firefox for iOS < 26.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12405 LOW

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-362,CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-12406 HIGH

Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-345,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-12407 LOW

Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox < 77.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12408 MEDIUM

When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox < 77.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12409 MEDIUM

When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL. This vulnerability affects Firefox < 77.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12410 HIGH

Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-12411 HIGH

Mozilla developers reported memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 77.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12412 MEDIUM

By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock icon) while controlling the page contents. This vulnerability affects Firefox < 70.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12413

The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2020-12414 MEDIUM

IndexedDB should be cleared when leaving private browsing mode and it is not, the API for WKWebViewConfiguration was being used incorrectly and requires the private instance of this object be deleted when leaving private mode. This vulnerability affects Firefox for iOS < 27.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-459,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12415 MEDIUM

When "%2F" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. This vulnerability affects Firefox < 78.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-276,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.1
opensuse leap 15.2
CVE-2020-12416 HIGH

A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-362,CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.1
opensuse leap 15.2
CVE-2020-12417 HIGH

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-617,CWE-681,CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
canonical ubuntu_linux 19.10
opensuse leap 15.2
CVE-2020-12418 MEDIUM

Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
canonical ubuntu_linux 19.10
opensuse leap 15.2
CVE-2020-12419 HIGH

When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
canonical ubuntu_linux 19.10
opensuse leap 15.2
CVE-2020-12420 HIGH

When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-362,CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
canonical ubuntu_linux 19.10
opensuse leap 15.2
CVE-2020-12421 MEDIUM

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-12422 HIGH

In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.1
opensuse leap 15.2
CVE-2020-12423 MEDIUM

When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* This vulnerability affects Firefox < 78.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-427,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12424 MEDIUM

When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox < 78.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-276,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.1
opensuse leap 15.2
CVE-2020-12425 MEDIUM

Due to confusion processing a hyphen character in Date.parse(), a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox < 78.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-12426 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 78.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
opensuse leap 15.1
opensuse leap 15.2
CVE-2020-13790 MEDIUM

libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
libjpeg-turbo libjpeg-turbo 2.0.4
mozilla mozjpeg 4.0.0
CVE-2020-15646 MEDIUM

If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker. This vulnerability affects Thunderbird < 68.10.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2020-15647 MEDIUM

A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This vulnerability affects Firefox for < Android.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N 2.8 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15648 MEDIUM

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 78 and Firefox < 78.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2020-15649 MEDIUM

Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,

Products Affected

Vendor Product Version
mozilla firefox_esr *
CVE-2020-15650 MEDIUM

Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox_esr *
CVE-2020-15651 MEDIUM

A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15652 MEDIUM

By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-15653 MEDIUM

An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-15654 MEDIUM

When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-15655 MEDIUM

A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.2
CVE-2020-15656 HIGH

JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-843,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.2
CVE-2020-15657 MEDIUM

Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-427,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-15658 MEDIUM

The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-754,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-15659 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
opensuse leap 15.2
CVE-2020-15660 MEDIUM

Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
mozilla geckodriver *
CVE-2020-15661 MEDIUM

A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS < 28.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-522,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15662 MEDIUM

A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS < 28.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15663 HIGH

If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to a previous version which would have allowed exploitation of an older bug and arbitrary code execution with System Privileges. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 80, Thunderbird < 78.2, Thunderbird < 68.12, Firefox ESR < 68.12, and Firefox ESR < 78.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-427,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-15664 MEDIUM

By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious extension being installed. This vulnerability affects Firefox < 80, Thunderbird < 78.2, Thunderbird < 68.12, Firefox ESR < 68.12, Firefox ESR < 78.2, and Firefox for Android < 80.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-15665 MEDIUM

Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. This could have resulted in an incorrect URL being shown when used in conjunction with other unexpected browser behaviors. This vulnerability affects Firefox < 80.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15666 MEDIUM

When trying to load a non-video in an audio/video context the exact status code (200, 302, 404, 500, 412, 403, etc.) was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status to services or device discovery on a local network among other attacks. This vulnerability affects Firefox < 80 and Firefox for Android < 80.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-209,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15667 MEDIUM

When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. Within Firefox as released by Mozilla, this issue is only exploitable with the Mozilla-controlled signing key. This vulnerability affects Firefox < 80.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15668 MEDIUM

A lock was missing when accessing a data structure and importing certificate information into the trust database. This vulnerability affects Firefox < 80 and Firefox for Android < 80.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-667,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15669 MEDIUM

When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.12 and Thunderbird < 68.12.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-15670 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 80, Firefox ESR < 78.2, Thunderbird < 78.2, and Firefox for Android < 80.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-416,CWE-617,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-15671 LOW

When typing in a password under certain conditions, a race may have occured where the InputContext was not being correctly set for the input field, resulting in the typed password being saved to the keyboard dictionary. This vulnerability affects Firefox for Android < 80.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N 1.6 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15673 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
debian debian_linux 9.0
debian debian_linux 10.0
opensuse leap 15.2
CVE-2020-15674 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-667,CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15675 MEDIUM

When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 81.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15676 MEDIUM

Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
debian debian_linux 9.0
debian debian_linux 10.0
opensuse leap 15.2
CVE-2020-15677 MEDIUM

By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
debian debian_linux 9.0
debian debian_linux 10.0
opensuse leap 15.2
CVE-2020-15678 MEDIUM

When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
debian debian_linux 9.0
debian debian_linux 10.0
opensuse leap 15.2
CVE-2020-15679

An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could craft a custom login URL, convince a VPN user to login via that URL, and obtain authenticated access as that user. This issue is limited to cases where attacker and victim are sharing the same source IP and could allow the ability to view session states and disconnect VPN sessions. This vulnerability affects Mozilla VPN iOS 1.0.7 < (929), Mozilla VPN Windows < 1.2.2, and Mozilla VPN Android 1.1.0 < (1360).

Products Affected

Vendor Product Version
mozilla vpn *
CVE-2020-15680 MEDIUM

If a valid external protocol handler was referenced in an image tag, the resulting broken image size could be distinguished from a broken image size of a non-existent protocol handler. This allowed an attacker to successfully probe whether an external protocol handler was registered. This vulnerability affects Firefox < 82.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15681 MEDIUM

When multiple WASM threads had a reference to a module, and were looking up exported functions, one WASM thread could have overwritten another's entry in a shared stub table, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 82.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15682 MEDIUM

When a link to an external protocol was clicked, a prompt was presented that allowed the user to choose what application to open it in. An attacker could induce that prompt to be associated with an origin they didn't control, resulting in a spoofing attack. This was fixed by changing external protocol prompts to be tab-modal while also ensuring they could not be incorrectly associated with a different origin. This vulnerability affects Firefox < 82.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15683 HIGH

Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4, Firefox < 82, and Thunderbird < 78.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
opensuse leap 15.1
debian debian_linux 9.0
debian debian_linux 10.0
opensuse leap 15.2
CVE-2020-15684 HIGH

Mozilla developers reported memory safety bugs present in Firefox 81. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 82.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-15685

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2020-16012 MEDIUM

Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
google chrome *
CVE-2020-25648 MEDIUM

A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-770,CWE-770,

Products Affected

Vendor Product Version
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
oracle communications_offline_mediation_controller 12.0.0.3.0
fedoraproject fedora 31
oracle communications_pricing_design_center 12.0.0.3.0
fedoraproject fedora 32
mozilla network_security_services *
fedoraproject fedora 33
oracle jd_edwards_enterpriseone_tools *
CVE-2020-26950 HIGH

In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26951 MEDIUM

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26952 HIGH

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox < 83.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26953 MEDIUM

It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26954 MEDIUM

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26955 MEDIUM

When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re-sent during a subsequent file download operation on the same domain, regardless of whether the original and subsequent request were in private and non-private browsing modes. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-565,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26956 MEDIUM

In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26957 MEDIUM

OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-665,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26958 MEDIUM

Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26959 MEDIUM

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26960 HIGH

If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26961 MEDIUM

When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding attack. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26962 MEDIUM

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox < 83.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26963 MEDIUM

Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API calls. This vulnerability affects Firefox < 83.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26964 MEDIUM

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix domain socket, protected by the Android SELinux policy; however, SELinux was not enforced for versions prior to 6.0. This was fixed by removing the Remote Debugging via USB feature from affected devices. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N 1.6 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26965 MEDIUM

Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. If, when using a software keyboard that remembers user input, a user typed their password and used that feature, the type of the password field was changed, resulting in a keyboard layout change and the possibility for the software keyboard to remember the typed password. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-212,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26966 MEDIUM

Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26967 MEDIUM

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability affects Firefox < 83.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26968 HIGH

Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26969 HIGH

Mozilla developers reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 83.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26970 HIGH

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird < 78.5.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2020-26971 MEDIUM

Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26972 HIGH

The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 84.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26973 MEDIUM

Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26974 MEDIUM

When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26975 MEDIUM

When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26976 MEDIUM

When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing. This vulnerability affects Firefox < 84.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 9.0
debian debian_linux 10.0
CVE-2020-26977 MEDIUM

By attempting to connect a website using an unresponsive port, an attacker could have controlled the content of a tab while the URL bar displayed the original domain. *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-26978 MEDIUM

Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-26979 MEDIUM

When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the desired, entered address. To construct a convincing spoof the attacker would have had to guess what the user was typing, perhaps by suggesting it. This vulnerability affects Firefox < 84.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-35111 MEDIUM

When an extension with the proxy permission registered to receive <all_urls>, the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-35112 MEDIUM

If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-35113 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-35114 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 83. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6792 MEDIUM

When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird < 68.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-908,CWE-909,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla thunderbird *
canonical ubuntu_linux 19.10
CVE-2020-6793 MEDIUM

When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This vulnerability affects Thunderbird < 68.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-908,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2020-6794 MEDIUM

If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Thunderbird 60. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Thunderbird < 68.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-312,CWE-459,CWE-522,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla thunderbird *
canonical ubuntu_linux 19.10
CVE-2020-6795 MEDIUM

When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects Thunderbird < 68.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2020-6796 MEDIUM

A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2020-6797 MEDIUM

By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-6798 MEDIUM

If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-6799 MEDIUM

Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that insufficiently sanitized URL data. In that situation, clicking a link in the third party application could have been used to retrieve and execute files whose location was supplied through command line arguments. Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-88,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2020-6800 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-6801 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
mozilla firefox *
CVE-2020-6802 MEDIUM

In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
fedoraproject fedora 30
fedoraproject fedora 31
fedoraproject fedora 32
mozilla bleach *
CVE-2020-6803 MEDIUM

An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
security@mozilla.org 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,CWE-601,

Products Affected

Vendor Product Version
mozilla webthings_gateway *
CVE-2020-6804 MEDIUM

A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user's authentication token. When combined with CVE-2020-6803, an attacker could fully compromise the system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@mozilla.org 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
mozilla webthings_gateway *
CVE-2020-6805 MEDIUM

When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-6806 MEDIUM

By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-6807 MEDIUM

When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-6808 MEDIUM

When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL (as reported by the document.location property, for example) was the originating javascript: URL which could lead to spoofing attacks; it is now correctly the URL of the originating document. This vulnerability affects Firefox < 74.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-290,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6809 MEDIUM

When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files. This vulnerability affects Firefox < 74.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6810 MEDIUM

After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user about the current origin of the page and credential theft or other attacks. This vulnerability affects Firefox < 74.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-290,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6811 MEDIUM

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-6812 MEDIUM

The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-6813 MEDIUM

When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox < 74.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6814 HIGH

Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
canonical ubuntu_linux 19.10
CVE-2020-6815 HIGH

Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 74.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6816 MEDIUM

In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla bleach *
fedoraproject fedora 33
CVE-2020-6817

bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla bleach *
CVE-2020-6819 MEDIUM

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-416,CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-6820 MEDIUM

Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-6821 MEDIUM

When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-908,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-6822 MEDIUM

On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code>. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-6823 HIGH

A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox < 75.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-862,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6824 LOW

Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. This vulnerability affects Firefox < 75.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.8 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N 1.3 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-384,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6825 HIGH

Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2020-6826 HIGH

Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 75.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6827 MEDIUM

When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. <br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox_esr *
CVE-2020-6828 MEDIUM

A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user's profile directory. One exploitation vector for this would be to supply a user.js file providing arbitrary malicious preference values. Control of arbitrary preferences can lead to sufficient compromise such that it is generally equivalent to arbitrary code execution.<br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
mozilla firefox_esr *
CVE-2020-6829 MEDIUM

When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6830 MEDIUM

For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token was being used for JS-to-native also, but it isn't needed in this case, and its usage was also leaking this token. This vulnerability affects Firefox for iOS < 25.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2020-6831 HIGH

A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
canonical ubuntu_linux 19.10
debian debian_linux 10.0
opensuse leap 15.2
CVE-2021-21354 MEDIUM

Pollbot is open source software which "frees its human masters from the toilsome task of polling for the state of things during the Firefox release process." In Pollbot before version 1.4.4 there is an open redirection vulnerability in the path of "https://pollbot.services.mozilla.com/". An attacker can redirect anyone to malicious sites. To Reproduce type in this URL: "https://pollbot.services.mozilla.com//evil.com/". Affected versions will redirect to that website when you inject a payload like "//evil.com/". This is fixed in version 1.4.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
security-advisories@github.com 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N 2.8 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
mozilla pollbot *
CVE-2021-23953 MEDIUM

If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23954 MEDIUM

Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-843,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23955 MEDIUM

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox < 85.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23956 MEDIUM

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23957 MEDIUM

Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N 2.8 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23958 MEDIUM

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-668,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23959 MEDIUM

An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23960 MEDIUM

Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23961 MEDIUM

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N 2.8 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 9.0
debian debian_linux 10.0
CVE-2021-23962 MEDIUM

Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23963 MEDIUM

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-281,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23964 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23965 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23968 MEDIUM

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-209,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 10.0
CVE-2021-23969 MEDIUM

As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage." Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 10.0
CVE-2021-23970 MEDIUM

Context-specific code was included in a shared jump table; resulting in assertions being triggered in multithreaded wasm code. This vulnerability affects Firefox < 86.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-617,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23971 MEDIUM

When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect's Referrer-Policy. This would have potentially resulted in more information than intended by the original origin being provided to the destination of the redirect. This vulnerability affects Firefox < 86.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23972 MEDIUM

One phishing tactic on the web is to provide a link with HTTP Auth. For example 'https://www.phishingtarget.com@evil.com'. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached by the browser. This vulnerability affects Firefox < 86.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23973 MEDIUM

When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-209,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 10.0
CVE-2021-23974 MEDIUM

The DOMParser API did not properly process '<noscript>' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23975 MEDIUM

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects Firefox < 86.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-862,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23976 MEDIUM

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. Note: This issue is a different issue from CVE-2020-26954 and only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23977 LOW

Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-367,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23978 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 10.0
CVE-2021-23979 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 85. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23980

A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla bleach *
CVE-2021-23981 MEDIUM

A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23982 MEDIUM

Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-326,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23983 MEDIUM

By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 87.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23984 MEDIUM

A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-290,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23985 MEDIUM

If an attacker is able to alter specific about:config values (for example malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker (able to make a direct network connection to the victim) to monitor the user's browsing activity and (plaintext) network traffic. This was addressed by providing a visual cue when Devtools has an open network socket. This vulnerability affects Firefox < 87.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23986 MEDIUM

A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have cross-origin permissions. This cross-origin request was made without cookies, so the sensitive information disclosed by the violation was limited to local-network resources or resources that perform IP-based authentication. This vulnerability affects Firefox < 87.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23987 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23988 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 87.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23991 MEDIUM

If a Thunderbird user has previously imported Alice's OpenPGP key, and Alice has extended the validity period of her key, but Alice's updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice's key with an invalid subkey, Thunderbird might subsequently attempt to use the invalid subkey, and will fail to send encrypted email to Alice. This vulnerability affects Thunderbird < 78.9.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N 1.6 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-23992 MEDIUM

Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-347,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-23993 MEDIUM

An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-347,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-23994 MEDIUM

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-909,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23995 MEDIUM

When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-672,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23996 MEDIUM

By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. This vulnerability affects Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23997 MEDIUM

Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-681,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-23998 MEDIUM

Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-345,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-23999 MEDIUM

If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,CWE-697,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-24000 LOW

A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as &lt;input type="file"&gt;) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. This vulnerability affects Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N 1.6 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-24001 MEDIUM

A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-668,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-24002 MEDIUM

When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29944 MEDIUM

Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29945 MEDIUM

The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-682,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29946 MEDIUM

Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29947 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 88.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29948 LOW

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.5 LOW CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 1.0 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-29949 MEDIUM

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search path for executable libraries, then Thunderbird will load the incorrect library. This vulnerability affects Thunderbird < 78.9.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-427,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-29950 MEDIUM

Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird < 78.8.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-312,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-29951 MEDIUM

The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service. *Note: This issue only affected Windows operating systems older than Win 10 build 1709. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.10.1, Firefox < 87, and Firefox ESR < 78.10.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29952 MEDIUM

When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29953 MEDIUM

A malicious webpage could have forced a Firefox for Android user into executing attacker-controlled JavaScript in the context of another domain, resulting in a Universal Cross-Site Scripting vulnerability. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected. Further details are being temporarily withheld to allow users an opportunity to update.*. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29954 MEDIUM

Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs, including the metadata service. This vulnerability affects Hubs Cloud < mozillareality/reticulum/1.0.1/20210428201255.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-312,

Products Affected

Vendor Product Version
mozilla hubs_cloud_reticulum *
CVE-2021-29955 LOW

A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.). This vulnerability affects Firefox ESR < 78.9 and Firefox < 87.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-74,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2021-29956 MEDIUM

OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automatically protect keys that had been imported using affected Thunderbird versions. This vulnerability affects Thunderbird < 78.10.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-312,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-29957 MEDIUM

If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected. This vulnerability affects Thunderbird < 78.10.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-29958 MEDIUM

When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability affects Firefox for iOS < 34.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-862,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29959 MEDIUM

When a user has already allowed a website to access microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt. This was only possible if the website kept recording with the microphone until re-enabling the camera. This vulnerability affects Firefox < 89.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29960 MEDIUM

Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox < 89.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-669,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29961 MEDIUM

When styling and rendering an oversized `<select>` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox < 89.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29962 MEDIUM

Firefox for Android would become unstable and hard-to-recover when a website opened too many popups. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-404,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29963 MEDIUM

Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-345,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29964 MEDIUM

A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 1.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29965 MEDIUM

A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-610,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29966 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 89.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29967 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29968 MEDIUM

When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.0.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29969 MEDIUM

If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't exist on the IMAP server. This vulnerability affects Thunderbird < 78.12.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-552,

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-29970 MEDIUM

A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29971 HIGH

If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-281,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29972 MEDIUM

A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library. Updating the library resolved the issue, and may have remediated other, unknown security vulnerabilities as well. This vulnerability affects Firefox < 90.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29973 MEDIUM

Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be entered by the browser's autofill functionality *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29974 LOW

When network partitioning was enabled, e.g. as a result of Enhanced Tracking Protection settings, a TLS error page would allow the user to override an error on a domain which had specified HTTP Strict Transport Security (which implies that the error should not be override-able.) This issue did not affect the network connections, and they were correctly upgraded to HTTPS automatically. This vulnerability affects Firefox < 90.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29975 MEDIUM

Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion. This vulnerability affects Firefox < 90.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29976 MEDIUM

Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29977 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 89. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 90.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29978 HIGH

Multiple low security issues were discovered and fixed in a security audit of Mozilla VPN 2.x branch as part of a 3rd party security audit. This vulnerability affects Mozilla VPN < 2.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla mozilla_vpn *
CVE-2021-29979 MEDIUM

Hubs Cloud allows users to download shared content, specifically HTML and JS, which could allow javascript execution in the Hub Cloud instance’s primary hosting domain.*. This vulnerability affects Hubs Cloud < mozillareality/reticulum/1.0.1/20210618012634.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla hubs_cloud -
CVE-2021-29980 MEDIUM

Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-909,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29981 MEDIUM

An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code that would lead to a potentially exploitable crash. This vulnerability affects Firefox < 91 and Thunderbird < 91.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2021-29982 MEDIUM

Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory. This vulnerability affects Firefox < 91 and Thunderbird < 91.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-772,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2021-29983 MEDIUM

Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29984 MEDIUM

Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29985 MEDIUM

A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29986 MEDIUM

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. *Note: This issue only affected Linux operating systems. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29987 MEDIUM

After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. *This bug only affects Firefox on Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91 and Thunderbird < 91.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-307,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2021-29988 MEDIUM

Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29989 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.13, Firefox ESR < 78.13, and Firefox < 91.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-29990 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox 90. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 91.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-29991 MEDIUM

Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3. This vulnerability affects Firefox < 91.0.1 and Thunderbird < 91.0.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-444,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2021-29993 MEDIUM

Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-30547 MEDIUM

Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
google chrome *
debian debian_linux 9.0
debian debian_linux 10.0
fedoraproject fedora 34
CVE-2021-38491 MEDIUM

Mixed-content checks were unable to analyze opaque origins which led to some mixed content being loaded. This vulnerability affects Firefox < 92.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-38492 MEDIUM

When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-38493 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.14, Thunderbird < 78.14, and Firefox < 92.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-38494 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 91. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 92.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-38495 MEDIUM

Mozilla developers reported memory safety bugs present in Thunderbird 78.13.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.1 and Firefox ESR < 91.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-38496 MEDIUM

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-38497 MEDIUM

Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-38498 MEDIUM

During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-38499 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 92. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 93.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-38500 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-38501 MEDIUM

Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-38502 MEDIUM

Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too. This vulnerability affects Thunderbird < 91.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla thunderbird *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-38503 HIGH

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-863,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-38504 MEDIUM

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-38505 MEDIUM

Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account. *This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-668,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-38506 MEDIUM

Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-38507 MEDIUM

The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a network attacker could forward a connection from the browser to port 443 to port 8443, causing the browser to treat the content of port 8443 as same-origin with HTTP. This was resolved by disabling the Opportunistic Encryption feature, which had low usage. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-38508 MEDIUM

By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-38509 MEDIUM

Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-38510 MEDIUM

The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-40529 LOW

The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.

CVSS 2.0

Severity: LOW

Problem Type: CWE-327,

Products Affected

Vendor Product Version
fedoraproject fedora 35
mozilla thunderbird *
botan_project botan *
fedoraproject fedora 34
CVE-2021-4126

When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. This gave the false impression that the additional contents were also covered by the digital signature. Starting with Thunderbird version 91.4.1, only the signature that belongs to the top level MIME part will be considered for the displayed status. This vulnerability affects Thunderbird < 91.4.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-4127

An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird < 78.9 and Firefox ESR < 78.9.

Products Affected

Vendor Product Version
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-4128

When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash.<br>*This bug only affects Firefox on MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-4129

Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 95, Firefox ESR < 91.4.0, and Thunderbird < 91.4.0.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-4138 MEDIUM

Improved Host header checks to reject requests not sent to a well-known local hostname or IP, or the server-specified hostname.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla geckodriver *
CVE-2021-4140

It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2021-4221

If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*<br>*Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburary 2022. This vulnerability affects Firefox < 92.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-43527 HIGH

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,

Products Affected

Vendor Product Version
starwindsoftware starwind_virtual_san v8r13
mozilla nss_esr *
oracle communications_cloud_native_core_binding_support_function 1.11.0
oracle communications_cloud_native_core_network_repository_function 1.15.1
netapp e-series_santricity_os_controller *
oracle communications_policy_management 12.6.0.0.0
netapp cloud_backup -
starwindsoftware starwind_san_&_nas v8r13
mozilla nss *
oracle communications_cloud_native_core_network_repository_function 1.15.0
oracle communications_cloud_native_core_network_slice_selection_function 1.8.0
CVE-2021-43528 MEDIUM

Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive chrome-level privileges, but could be used as a stepping stone to further an attack with other vulnerabilities. This vulnerability affects Thunderbird < 91.4.0.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
mozilla thunderbird *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43529

Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2021-43530 MEDIUM

A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-43531 MEDIUM

When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should have access to. This was fixed to provide the pre-redirect URL. This is related to CVE-2021-43532 but in the context of Web Extensions. This vulnerability affects Firefox < 94.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-346,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-43532 MEDIUM

The 'Copy Image Link' context menu action would copy the final image URL after redirects. By embedding an image that triggered authentication flows - in conjunction with a Content Security Policy that stopped a redirection chain in the middle - the final image URL could be one that contained an authentication token used to takeover a user account. If a website tricked a user into copy and pasting the image link back to the page, the page would be able to steal the authentication tokens. This was fixed by making the action return the original URL, before any redirects. This vulnerability affects Firefox < 94.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-43533 MEDIUM

When parsing internationalized domain names, high bits of the characters in the URLs were sometimes stripped, resulting in inconsistencies that could lead to user confusion or attacks such as phishing. This vulnerability affects Firefox < 94.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-43534 MEDIUM

Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43535 MEDIUM

A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43536 MEDIUM

Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43537 MEDIUM

An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-704,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43538 MEDIUM

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43539 MEDIUM

Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43540 MEDIUM

WebExtensions with the correct permissions were able to create and install ServiceWorkers for third-party websites that would not have been uninstalled with the extension. This vulnerability affects Firefox < 95.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-43541 MEDIUM

When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43542 MEDIUM

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-209,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43543 MEDIUM

Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43544 MEDIUM

When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2021-43545 MEDIUM

Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-834,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2021-43546 MEDIUM

It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 9.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2022-0511

Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herrera, Lars T Hansen, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-0517

Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN < 2.7.1.

Products Affected

Vendor Product Version
mozilla vpn *
CVE-2022-0566

It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2022-0637

open redirect in pollbot (pollbot.services.mozilla.com) in versions before 1.4.6

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla pollbot *
CVE-2022-0843

Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 98.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-1097

<code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-1196

After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8.

Products Affected

Vendor Product Version
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-1197

When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn't specify a revocation reason, were unaffected. This vulnerability affects Thunderbird < 91.8.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2022-1520

When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A might be shown with the security status of message B. This vulnerability affects Thunderbird < 91.9.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2022-1529

An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-1802

If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-1834

When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name started with a false email address, followed by many Braille space characters, the attacker's email address was not visible. Because Thunderbird compared the invisible sender address with the signature's email address, if the signing key or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature. This vulnerability affects Thunderbird < 91.10.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2022-1887

The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-21190 HIGH

This affects the package convict before 6.2.3. This is a bypass of [CVE-2022-22143](https://security.snyk.io/vuln/SNYK-JS-CONVICT-2340604). The [fix](https://github.com/mozilla/node-convict/commit/3b86be087d8f14681a9c889d45da7fe3ad9cd880) introduced, relies on the startsWith method and does not prevent the vulnerability: before splitting the path, it checks if it starts with __proto__ or this.constructor.prototype. To bypass this check it's possible to prepend the dangerous paths with any string value followed by a dot, like for example foo.__proto__ or foo.this.constructor.prototype.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
report@snyk.io 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-1321,

Products Affected

Vendor Product Version
mozilla convict *
CVE-2022-2200

If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22143 HIGH

The package convict before 6.2.2 are vulnerable to Prototype Pollution via the convict function due to missing validation of parentKey. **Note:** This vulnerability derives from an incomplete fix of another [vulnerability](https://security.snyk.io/vuln/SNYK-JS-CONVICT-1062508)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
report@snyk.io 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-1321,

Products Affected

Vendor Product Version
mozilla convict *
CVE-2022-2226

An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email's date will be shown. If the dates were different, then Thunderbird didn't report the email as having an invalid signature. If an attacker performed a replay attack, in which an old email with old contents are resent at a later time, it could lead the victim to believe that the statements in the email are current. Fixed versions of Thunderbird will require that the signature's date roughly matches the displayed date of the email. This vulnerability affects Thunderbird < 102 and Thunderbird < 91.11.

Products Affected

Vendor Product Version
mozilla thunderbird 101.0
mozilla thunderbird *
CVE-2022-22736

If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.<br>*This bug only affects Firefox for Windows in a non-default installation. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-22737

Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22738

Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22739

Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22740

Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22741

When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22742

When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22743

When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22744

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>*This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22745

Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22746

A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22747

After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22748

Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22749

When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-22750

By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.<br>*This bug only affects Firefox for Windows and MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-22751

Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22752

Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 96.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-22753

A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22754

If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22755

By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within the bounds of the same-origin policy) even after the tab was closed. This vulnerability affects Firefox < 97.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-22756

If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22757

Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user's browser to control it. <br>*This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.*. This vulnerability affects Firefox < 97.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-22758

When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-22759

If a document created a sandboxed iframe without <code>allow-scripts</code>, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22760

When importing resources using Web Workers, error messages would distinguish the difference between <code>application/javascript</code> responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22761

Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22762

Under certain circumstances, a JavaScript alert (or prompt) could have been shown while another website was displayed underneath it. This could have been abused to trick the user. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-22763

When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. This vulnerability affects Firefox < 96, Thunderbird < 91.6, and Firefox ESR < 91.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-22764

Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-2505

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-26381

An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-26382

While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-26383

When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-26384

If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-26385

In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 98.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-26386

Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. <br>*This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7.

Products Affected

Vendor Product Version
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-26387

When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-26485

Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.

Products Affected

Vendor Product Version
mozilla firefox_focus *
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.

Products Affected

Vendor Product Version
mozilla firefox_focus *
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-28281

If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-28282

By using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-28283

The sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible. This vulnerability affects Firefox < 99.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-28284

SVG's <code>&lt;use&gt;</code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-28285

When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-28286

Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-28287

In unusual circumstances, selecting text could cause text selection caching to behave incorrectly, leading to a crash. This vulnerability affects Firefox < 99.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-28288

Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-28289

Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-29167 MEDIUM

Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk used a regular expression to parse `Host` HTTP header (`Hawk.utils.parseHost()`), which was subject to regular expression DoS attack - meaning each added character in the attacker's input increases the computation time exponentially. `parseHost()` was patched in `9.0.1` to use built-in `URL` class to parse hostname instead. `Hawk.authenticate()` accepts `options` argument. If that contains `host` and `port`, those would be used instead of a call to `utils.parseHost()`.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
security-advisories@github.com 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H 2.8 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,CWE-1333,

Products Affected

Vendor Product Version
mozilla hawk *
CVE-2022-29909

Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-29910

When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.<br>*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 100.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-29911

An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user-activation</code> could lead to script execution without <code>allow-scripts</code> being present. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-29912

Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-29913

The parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process. This vulnerability affects Thunderbird < 91.9.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2022-29914

When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-29915

The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects. This vulnerability affects Firefox < 100.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-29916

Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-29917

Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-29918

Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 100.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-3032

When receiving an HTML email that contained an <code>iframe</code> element, which used a <code>srcdoc</code> attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2022-3033

If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv="refresh"</code> attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. In combination with certain other HTML elements and attributes in the email, it was possible to execute JavaScript code included in the message in the context of the message compose document. The JavaScript code was able to perform actions including, but probably not limited to, read and modify the contents of the message compose document, including the quoted original message, which could potentially contain the decrypted plaintext of encrypted data in the crafted email. The contents could then be transmitted to the network, either to the URL specified in the META refresh tag, or to a different URL, as the JavaScript code could modify the URL specified in the document. This bug doesn't affect users who have changed the default Message Body display setting to 'simple html' or 'plain text'. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2022-3034

When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2022-3155

When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This vulnerability affects Thunderbird < 102.3.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2022-31736

A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-31737

A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-31738

When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-31739

When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-31740

On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-31741

A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-31742

An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-31743

Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-31744

An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerability affects Firefox ESR < 91.11, Thunderbird < 102, Thunderbird < 91.11, and Firefox < 101.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-31745

If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox < 101.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-31746

Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-31747

Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-31748

Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 101.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-3266

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-34468

An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-34469

When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-34470

Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-34471

When downloading an update for an addon, the downloaded addon update's version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior version. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-34473

The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code>&lt;use&gt;</code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-34474

Even when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-34475

SVG <code>&lt;use&gt;</code> tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-34476

ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-34477

The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-34478

The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them.<br>*This bug only affects Thunderbird on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-34479

A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-34480

Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-34481

In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-34482

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34483. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-34483

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-34484

The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-34485

Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102.

Products Affected

Vendor Product Version
mozilla firefox 101.0
mozilla firefox 101.0.1
CVE-2022-3479

A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.

Products Affected

Vendor Product Version
mozilla network_security_services *
CVE-2022-36314

When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-36315

When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. This vulnerability affects Firefox < 103.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-36316

When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox < 103.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-36317

When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 103.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-36318

When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-36319

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-36320

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 103.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-38472

An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-38473

A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-38474

A website that had permission to access the microphone could record audio without the audio notification being shown. This bug does not allow the attacker to bypass the permission prompt - it only affects the notification shown once permission has been granted.<br />*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 104.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-38475

An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox < 104.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-38476

A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2.

Products Affected

Vendor Product Version
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-38477

Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Firefox < 104.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-38478

Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-4066

A vulnerability was found in davidmoreno onion. It has been rated as problematic. Affected by this issue is the function onion_response_flush of the file src/onion/response.c of the component Log Handler. The manipulation leads to allocation of resources. The name of the patch is de8ea938342b36c28024fd8393ebc27b8442a161. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-214028.

Products Affected

Vendor Product Version
onion_project onion *
mozilla firefox -
CVE-2022-40956

When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-40957

Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.<br>*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-40958

By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-40959

During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-40960

Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-40961

During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 105.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-40962

Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-42927

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via `performance.getEntries()`. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-42928

Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-42929

If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-42930

If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the `ThirdPartyUtil` component. This vulnerability affects Firefox < 106.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-42931

Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox < 106.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-42932

Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45403

Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45404

Through a series of popup and <code>window.print()</code> calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45405

Freeing arbitrary <code>nsIInputStream</code>'s on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45406

If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45407

If an attacker loaded a font using <code>FontFace()</code> on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-45408

Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45409

The garbage collector could have been aborted in several states and zones and <code>GCRuntime::finishCollection</code> may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45410

When a ServiceWorker intercepted a request with <code>FetchEvent</code>, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45411

Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on <code>fetch()</code> and XMLHttpRequest; however some webservers have implemented non-standard headers such as <code>X-Http-Method-Override</code> that override the HTTP method, and made this attack possible again. Thunderbird has applied the same mitigations to the use of this and similar headers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45412

When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>*This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45413

Using the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-45414

If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targetting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird < 102.5.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2022-45415

When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later ran. This vulnerability affects Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-45416

Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45417

Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-45418

If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45419

If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-45420

Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-45421

Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-46871

An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2022-46872

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-46873

Because Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This would be severely constrained by the specified Content Security Policy of the document. This vulnerability affects Firefox < 108.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-46874

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.<br/>*Note*: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox ESR < 102.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-46875

The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-46877

By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2022-46878

Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-46879

Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-46880

A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-46881

An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. *Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-46882

A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2022-46883

Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.<br />*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-46884

A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash. *Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2022-46885

Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-0163

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Mozilla Convict. This allows an attacker to inject attributes that are used in other components, or to override existing attributes with ones that have incompatible type, which may lead to a crash. The main use case of Convict is for handling server-side configurations written by the admins owning the servers, and not random users. So it's unlikely that an admin would deliberately sabotage their own server. Still, a situation can happen where an admin not knowledgeable about JavaScript could be tricked by an attacker into writing the malicious JavaScript code into some config files. This issue affects Convict: before 6.2.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
mozilla convict *
CVE-2023-0430

Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird < 102.7.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2023-0547

OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2023-0616

If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack. This vulnerability affects Thunderbird < 102.8.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2023-0767

An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-1521

On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LD_PRELOAD. If the server is run as root (which is the default when installing the snap package https://snapcraft.io/sccache ), this means a user running the sccache client can get root privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
mozilla sccache *
CVE-2023-1945

Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.10 and Firefox ESR < 102.10.

Products Affected

Vendor Product Version
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-2142

In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two user-controlled parameters on the same line used in the views, it was possible to inject cross site scripting payloads using the backslash \ character.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla nunjucks *
CVE-2023-23597

A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the `file://` context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefox < 109.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-23598

Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to `DataTransfer.setData`. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-23599

When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-23600

Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions. *This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 109.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-23601

Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-23602

A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-23603

Regular expressions used to filter out forbidden properties and values from style directives in calls to `console.log` weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-23604

A duplicate `SystemPrincipal` object could be created when parsing a non-system html document via `DOMParser::ParseFromSafeString`. This could have lead to bypassing web security checks. This vulnerability affects Firefox < 109.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-23605

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-23606

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 109.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25728

The <code>Content-Security-Policy-Report-Only</code> header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25729

Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code> resulting in extensions being able to open them without user interaction via <code>ExpandedPrincipals</code>. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25730

A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25731

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25732

When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25733

The return value from `gfx::SourceSurfaceSkia::Map()` wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox < 110.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25734

After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25735

Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25736

An invalid downcast from `nsHTMLDocument` to `nsIContent` could have lead to undefined behavior. This vulnerability affects Firefox < 110.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25737

An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25738

Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25739

Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</code>. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25740

After downloading a Windows <code>.scf</code> script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25741

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox < 110.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25742

When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25743

A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.<br>*This bug only affects Firefox Focus. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox_focus -
CVE-2023-25744

Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2023-25745

Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25746

Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.8 and Firefox ESR < 102.8.

Products Affected

Vendor Product Version
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25747

A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 110.1.0.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25748

By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 111.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25749

Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. <br>*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25750

Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox < 111.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-25751

Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-25752

When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-28159

The fullscreen notification could have been hidden on Firefox for Android by using download popups, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 111.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-28160

When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox < 111.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-28161

If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from different sources, such as in a download directory. This vulnerability affects Firefox < 111.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-28162

While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-28163

When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. <br>*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-28164

Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-28176

Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-28177

Memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-29531

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. *This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-29532

A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-29533

A website could have obscured the fullscreen notification by using a combination of <code>window.open</code>, fullscreen requests, <code>window.name</code> assignments, and <code>setInterval</code> calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
mozilla focus *
CVE-2023-29534

Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112.

Products Affected

Vendor Product Version
mozilla firefox_focus *
mozilla firefox *
CVE-2023-29535

Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
mozilla focus *
CVE-2023-29536

An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
mozilla focus *
CVE-2023-29537

Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla focus *
CVE-2023-29538

Under specific circumstances a WebExtension may have received a <code>jar:file:///</code> URI instead of a <code>moz-extension:///</code> URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla focus *
CVE-2023-29539

When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
mozilla focus *
CVE-2023-29540

Using a redirect embedded into <code>sourceMappingUrls</code> could allow for navigation to external protocol links in sandboxed iframes without <code>allow-top-navigation-to-custom-protocols</code>. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla focus *
CVE-2023-29541

Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. <br>*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
mozilla focus *
CVE-2023-29542

A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code. *This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-29543

An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla focus *
CVE-2023-29544

If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla focus *
CVE-2023-29545

Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. *This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-29546

When recording the screen while in Private Browsing on Firefox for Android the address bar and keyboard were not hidden, potentially leaking sensitive information. *This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112.

Products Affected

Vendor Product Version
mozilla firefox_focus *
mozilla firefox *
CVE-2023-29547

When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
mozilla focus *
CVE-2023-29548

A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
mozilla focus *
CVE-2023-29549

Under certain circumstances, a call to the <code>bind</code> function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla focus *
CVE-2023-29550

Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
mozilla focus *
CVE-2023-29551

Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla focus *
CVE-2023-32205

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-32206

An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-32207

A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-32208

Service workers could reveal script base URL due to dynamic `import()`. This vulnerability affects Firefox < 113.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-32209

A maliciously crafted favicon could have led to an out of memory crash. This vulnerability affects Firefox < 113.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-32210

Documents were incorrectly assuming an ordering of principal objects when ensuring we were loading an appropriately privileged principal. In certain circumstances it might have been possible to cause a document to be loaded with a higher privileged principal than intended. This vulnerability affects Firefox < 113.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-32211

A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-32212

An attacker could have positioned a `datalist` element to obscure the address bar. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-32213

When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-32214

Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service. *Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-32215

Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-32216

Mozilla developers and community members Ronald Crane, Andrew McCreight, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-3417

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1 and Thunderbird < 102.13.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-34414

The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a site with a certificate error and made the renderer extremely busy at the same time, it could create a gap between when the error page was loaded and when the display actually refreshed. With the right timing the elicited clicks could land in that gap and activate the button that overrides the certificate error for that site. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-34415

When choosing a site-isolated process for a document loaded from a data: URL that was the result of a redirect, Firefox would load that document in the same process as the site that issued the redirect. This bypassed the site-isolation protections against Spectre-like attacks on sites that host an "open redirect". Firefox no longer follows HTTP redirects to data: URLs. This vulnerability affects Firefox < 114.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-34416

Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-34417

Memory safety bugs present in Firefox 113. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 114.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-3482

When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox < 115.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-3600

During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-37201

An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-37202

Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-37203

Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-37204

A website could have obscured the fullscreen notification by using an option element by introducing lag via an expensive computational function. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-37205

The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox < 115.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-37206

Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox < 115.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-37207

A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-37208

When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-37209

A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox < 115.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-37210

A website could prevent a user from exiting full-screen mode via alert and prompt calls. This could lead to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-37211

Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-37212

Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-37455

The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab. This vulnerability affects Firefox for iOS < 115.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-37456

The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS < 115.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-4045

Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 12.0
debian debian_linux 11.0
CVE-2023-4046

In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 12.0
debian debian_linux 11.0
CVE-2023-4047

A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 12.0
debian debian_linux 11.0
CVE-2023-4048

An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-4049

Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 12.0
debian debian_linux 11.0
CVE-2023-4050

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 12.0
debian debian_linux 11.0
CVE-2023-4051

A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-4052

The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2023-4053

A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-4054

When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-4055

When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 12.0
debian debian_linux 11.0
CVE-2023-4056

Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-4057

Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2023-4058

Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-4104

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.16.1 < (Linux).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 1.8 3.6

Products Affected

Vendor Product Version
mozilla vpn *
CVE-2023-42808

Common Voice is the web app for Mozilla Common Voice, a platform for collecting speech donations in order to create public domain datasets for training voice recognition-related tools. Version 1.88.2 is vulnerable to reflected Cross-Site Scripting given that user-controlled data flows to a path expression (path of a network request). This issue may lead to reflected Cross-Site Scripting (XSS) in the context of Common Voice’s server origin. As of time of publication, it is unknown whether any patches or workarounds exist.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
security-advisories@github.com 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla common_voice 1.88.2
CVE-2023-4421

The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected ciphertexts, the attacker would be able to decrypt a previously intercepted PKCS#1 v1.5 ciphertext (for example, to decrypt a TLS session that used RSA key exchange), or forge a signature using the victim's key. The issue was fixed by implementing the implicit rejection algorithm, in which the NSS returns a deterministic random message in case invalid padding is detected, as proposed in the Marvin Attack paper. This vulnerability affects NSS < 3.61.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla nss *
CVE-2023-4573

When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4574

When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4575

When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4576

On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N 3.9 4.0

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4577

When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4578

When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4579

Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine. This vulnerability affects Firefox < 117.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N 1.6 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-4580

Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4581

Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4582

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. *This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4583

When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4584

Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4585

Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
fedoraproject fedora 37
google chrome *
mozilla firefox_esr *
debian debian_linux 12.0
microsoft edge *
fedoraproject fedora 38
microsoft teams 1.6.00.26463
microsoft teams 1.6.00.26474
debian debian_linux 10.0
bandisoft honeyview *
microsoft teams *
mozilla firefox *
mozilla thunderbird *
fedoraproject fedora 39
webmproject libwebp *
microsoft webp_image_extension *
microsoft edge_chromium *
bentley seequent_leapfrog *
debian debian_linux 11.0
microsoft webp_image_extension 1.0.62681.0
netapp active_iq_unified_manager -
CVE-2023-49060

An attacker could have accessed internal pages or data by ex-filtrating a security key from ReaderMode via the `referrerpolicy` attribute. This vulnerability affects Firefox for iOS < 120.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-49061

An attacker could have performed HTML template injection via Reader Mode and exfiltrated user information. This vulnerability affects Firefox for iOS < 120.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-50761

The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be used to give recipients the impression that a message was sent at a different date or time. This vulnerability affects Thunderbird < 115.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla thunderbird *
debian debian_linux 12.0
debian debian_linux 11.0
CVE-2023-50762

When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signed text from a different context, such as a signed GIT commit, could be used to spoof an email message. This vulnerability affects Thunderbird < 115.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla thunderbird *
debian debian_linux 12.0
debian debian_linux 11.0
CVE-2023-5168

A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-5169

A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
fedoraproject fedora 39
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-5170

In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox < 118.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N 2.8 4.0

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-5171

During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
fedoraproject fedora 39
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-5172

A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-5173

In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. *This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox < 118.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-5174

If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-5175

During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-5176

Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-5217

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
fedoraproject fedora 37
mozilla firefox_focus *
google chrome *
mozilla firefox_esr *
debian debian_linux 12.0
webmproject libvpx *
apple iphone_os *
apple ipados 16.7
redhat enterprise_linux 9.0
fedoraproject fedora 38
debian debian_linux 10.0
apple ipados *
mozilla firefox *
microsoft edge_chromium 116.0.5845.229
apple ipad_os *
mozilla thunderbird *
fedoraproject fedora 39
apple ipad_os 16.7
microsoft edge 117.0.2045.47
microsoft edge_chromium 117.0.5938.132
debian debian_linux 11.0
apple iphone_os 16.7
microsoft edge 116.0.1938.98
CVE-2023-5388

NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
debian debian_linux 10.0
CVE-2023-5721

It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-5722

Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-5723

An attacker with temporary script access to a site could have set a cookie containing invalid characters using `document.cookie` that could have led to unknown errors. This vulnerability affects Firefox < 119.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-5724

Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-5725

A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-5726

A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. *Note: This issue only affected macOS operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-5727

The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2023-5728

During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-5729

A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack. This vulnerability affects Firefox < 119.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-5730

Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-5731

Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-5732

An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-5758

When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. This vulnerability affects Firefox for iOS < 119.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-6135

Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-6204

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6205

It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6207

Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6208

When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X11. Other systems are unaffected.* This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6209

Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6210

When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox < 120.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-6211

If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox < 120.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-6212

Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6213

Memory safety bugs present in Firefox 119. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-6856

The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6857

When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N 1.6 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6858

Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6859

A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6860

The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6861

The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6862

A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6863

The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6864

Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6865

`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6866

TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-6867

The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2023-6868

In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties. *This bug only affects Firefox on Android.* This vulnerability affects Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-6869

A `&lt;dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-6870

Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. *This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_focus -
CVE-2023-6871

Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-6872

Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2023-6873

Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 121.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
debian debian_linux 12.0
debian debian_linux 11.0
debian debian_linux 10.0
CVE-2024-0605

Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. This bypasses security measures, potentially leading to arbitrary code execution or unauthorized actions within the user's loaded webpage. This vulnerability affects Focus for iOS < 122.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
mozilla firefox_focus *
CVE-2024-0606

An attacker could execute unauthorized script on a legitimate site through UXSS using window.open() by opening a javascript URI leading to unauthorized actions within the user's loaded webpage. This vulnerability affects Focus for iOS < 122.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox_focus *
CVE-2024-0741

An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 10.0
CVE-2024-0742

It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 10.0
CVE-2024-0743

An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-0744

In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox < 122.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-0745

The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-0746

A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 10.0
CVE-2024-0747

When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 10.0
CVE-2024-0748

A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-0749

A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122 and Thunderbird < 115.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 10.0
CVE-2024-0750

A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 10.0
CVE-2024-0751

A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 10.0
CVE-2024-0752

A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox < 122.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-0753

In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 10.0
CVE-2024-0754

Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox < 122.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-0755

Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 10.0
CVE-2024-0953

When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content. This vulnerability affects Firefox for iOS < 129.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox -
CVE-2024-10458

A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10459

An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10460

The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10461

In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10462

Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10463

Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10464

Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10465

A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10466

By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10467

Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10468

Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132 and Thunderbird < 132.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-10474

Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects Focus for iOS < 132.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
mozilla firefox_focus *
CVE-2024-10941

A malicious website could have included an iframe with an malformed URI resulting in a non-exploitable browser crash. This vulnerability affects Firefox < 126.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-11159

Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird < 128.4.3 and Thunderbird < 132.0.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2024-11691

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. *This bug only affected the application on Apple M series hardware. Other platforms were unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, Thunderbird < 128.5, and Thunderbird < 115.18.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-11692

An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-11694

Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, Thunderbird < 128.5, and Thunderbird < 115.18.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-11695

A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-11696

The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-11697

When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-11698

A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. *This bug only affects the application when running on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-11699

Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-11704

A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption. This vulnerability affects Firefox < 133, Thunderbird < 133, Firefox ESR < 128.7, and Thunderbird < 128.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-11705

`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11 v3.0 specification, which allows `phKey` to be NULL for certain mechanisms. This vulnerability affects Firefox < 133 and Thunderbird < 133.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-1546

When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
debian debian_linux 10.0
CVE-2024-1547

Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
debian debian_linux 10.0
CVE-2024-1548

A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
debian debian_linux 10.0
CVE-2024-1549

If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
debian debian_linux 10.0
CVE-2024-1550

A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
debian debian_linux 10.0
CVE-2024-1552

Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
debian debian_linux 10.0
CVE-2024-1553

Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
debian debian_linux 10.0
CVE-2024-1555

When opening a website using the `firefox://` protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox < 123.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-1556

The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 123.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-1557

Memory safety bugs present in Firefox 122. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-1563

An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a timeout race condition. This vulnerability affects Focus for iOS < 122.

Products Affected

Vendor Product Version
mozilla firefox_focus *
CVE-2024-1936

The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third-party. While this update fixes the bug and avoids future message contamination, it does not automatically repair existing contaminations. Users are advised to use the repair folder functionality, which is available from the context menu of email folders, which will erase incorrect subject assignments. This vulnerability affects Thunderbird < 115.8.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
debian debian_linux 10.0
CVE-2024-2612

If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-2613

Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox < 124.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-2614

Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
debian debian_linux 10.0
CVE-2024-2616

To harden ICU against exploitation, the behavior for out-of-memory conditions was changed to crash instead of attempt to continue. This vulnerability affects Firefox ESR < 115.9 and Thunderbird < 115.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-26281

Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS < 123.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-26282

Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-26283

An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-26284

Utilizing a 302 redirect, an attacker could have conducted a Universal Cross-Site Scripting (UXSS) on a victim website, if the victim had a link to the attacker's website. This vulnerability affects Focus for iOS < 123.

Products Affected

Vendor Product Version
mozilla firefox_focus *
CVE-2024-38312

When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-38313

In certain scenarios a malicious website could attempt to display a fake location URL bar which could mislead users as to the actual website address This vulnerability affects Firefox for iOS < 127.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-3863

The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-3865

Memory safety bugs present in Firefox 124. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-43113

The contextual menu for links could provide an opportunity for cross-site scripting attacks This vulnerability affects Firefox for iOS < 129.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-4367

A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.

Products Affected

Vendor Product Version
open-xchange open-xchange_appsuite_frontend 7.10.6
mozilla firefox *
mozilla thunderbird *
open-xchange open-xchange_appsuite_frontend *
debian debian_linux 10.0
CVE-2024-4774

The `ShmemCharMapHashEntry()` code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox < 126.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-53975

Accessing a non-secure HTTP site that uses a non-existent port may cause the SSL padlock icon in the location URL bar to, misleadingly, appear secure. This vulnerability affects Firefox for iOS < 133.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L 2.8 2.5

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-5687

If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the `Referer` and `Sec-*` headers, meaning there is the potential for incorrect security checks within the browser in addition to incorrect or misleading information sent to remote websites. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 127.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-5689

In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. This vulnerability affects Firefox < 127.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-5690

By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
debian debian_linux 10.0
CVE-2024-5691

By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2024-5692

On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-5693

Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-5694

An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox < 127.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-5695

If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. This vulnerability affects Firefox < 127.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-5696

By manipulating the text in an `&lt;input&gt;` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
debian debian_linux 10.0
CVE-2024-5697

A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-5698

By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 127.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-6600

Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on macOS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-6602

A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-6607

It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `&lt;select&gt;` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-6608

It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-6609

When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-6610

Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-7520

A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
CVE-2024-7524

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2024-8381

A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2024-8382

Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2024-8383

Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2024-8384

The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2024-8386

If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla firefox_esr *
CVE-2024-8388

Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature. *This bug only affects Firefox on Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 130.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-8900

An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2024-9392

A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-9393

An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla thunderbird 129.0
mozilla firefox_esr *
CVE-2024-9394

An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla thunderbird 129.0
mozilla firefox_esr *
CVE-2024-9398

By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla thunderbird 129.0
mozilla firefox_esr *
CVE-2024-9399

A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-9401

Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2024-9680

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
mozilla firefox_esr *
mozilla thunderbird 131.0
debian debian_linux 11.0
CVE-2025-0237

The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-0238

Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-0239

When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-0240

Parsing a JavaScript module as JSON could, under some circumstances, cause cross-compartment access, which may result in a use-after-free. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 2.5 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-0241

When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.7 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L 2.2 5.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-0242

Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-0243

Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-0510

Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2025-1009

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1010

An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1011

A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1012

A race during concurrent delazification could have led to a use-after-free. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1013

A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1014

Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1016

Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1017

Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1018

The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. This vulnerability affects Firefox < 135 and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1019

The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability affects Firefox < 135 and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1020

Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135 and Thunderbird < 135.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10290

Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press This vulnerability affects Focus for iOS < 143.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox_focus *
CVE-2025-10527

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L 2.8 3.7

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10528

Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10529

Same-origin policy bypass in the Layout component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10530

Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 143 and Thunderbird < 143.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10531

Mitigation bypass in the Web Compatibility: Tooling component. This vulnerability affects Firefox < 143 and Thunderbird < 143.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10532

Incorrect boundary conditions in the JavaScript: GC component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10533

Integer overflow in the SVG component. This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10534

Spoofing issue in the Site Permissions component. This vulnerability affects Firefox < 143 and Thunderbird < 143.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10535

Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability affects Firefox < 143.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-10536

Information disclosure in the Networking: Cache component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.5 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10537

Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-10859

Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs This vulnerability affects Firefox for iOS < 143.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 2.5 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-11152

Sandbox escape due to integer overflow in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143.0.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L 3.9 4.7

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-11153

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 143.0.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-11708

Use-after-free in MediaTrackGraphImpl::GetInstance() This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-11709

A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-11710

A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-11711

There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-11712

A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-11713

Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the application when running on other operating systems. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-11714

Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-11715

Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-11716

Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability affects Firefox < 144 and Thunderbird < 144.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-11717

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability affects Firefox < 144.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-11718

When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event This vulnerability affects Firefox < 144.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox < 144 and Thunderbird < 144.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This vulnerability affects Firefox < 144.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-11721

Memory safety bug present in Firefox 143 and Thunderbird 143. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 144 and Thunderbird < 144.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-12380

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability affects Firefox < 144.0.2.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13012

Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13013

Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13014

Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13015

Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13016

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13017

Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13018

Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13019

Same-origin policy bypass in the DOM: Workers component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13020

Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13021

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13022

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13023

Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13024

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13025

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13026

Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-13027

Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 145 and Thunderbird < 145.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-14321

Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14322

Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.0 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N 1.6 5.8

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14323

Privilege escalation in the DOM: Notifications component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14324

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14325

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14326

Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146 and Thunderbird < 146.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14327

Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146, Thunderbird < 146, and Firefox ESR < 140.7.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14328

Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14329

Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14330

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14331

Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14332

Memory safety bugs present in Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146 and Thunderbird < 146.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14333

Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-14744

Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability affects Firefox for iOS < 144.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-14860

Use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 146.0.1.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-14861

Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146.0.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-1931

It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1932

An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1933

On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H 2.8 4.7

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1934

It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1935

A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1936

jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension disguised as something else like an image. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1937

Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1938

Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-1939

Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability affects Firefox < 136.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 3.9 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N 1.3 2.5

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-2817

Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-2830

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 2.8 3.4

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2025-2857

Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-3028

JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox < 137, Firefox ESR < 115.22, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-3029

A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-3030

Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-3522

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validated or sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially leading to hashed Windows credential leakage and opening the door to more serious security issues. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 2.8 3.4

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2025-3523

When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from untrusted sources. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.4 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L 1.6 4.7

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2025-3608

A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability affects Firefox < 137.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N 2.2 4.2

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-3859

Websites directing users to long URLs that caused eliding to occur in the location view could leverage the truncating behavior to potentially trick users into thinking they were on a different webpage This vulnerability affects Focus < 138.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox_focus *
CVE-2025-3875

Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name ", Thunderbird treats spoofed@example.com as the actual address. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2025-3909

Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling JavaScript execution as part of the HTML. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2025-3932

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2025-4082

Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. *This bug only affects Thunderbird for macOS. Other versions of Thunderbird are unaffected.* This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 2.2 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4083

A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4084

Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox ESR < 128.10, Firefox ESR < 115.23, and Thunderbird < 128.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 2.1 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4085

An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability affects Firefox < 138 and Thunderbird < 138.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N 2.8 4.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4086

A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. *This bug only affects Thunderbird for Android. Other versions of Thunderbird are unaffected.* This vulnerability affects Firefox < 138 and Thunderbird < 138.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4087

A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4088

A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability affects Firefox < 138 and Thunderbird < 138.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4089

Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 138 and Thunderbird < 138.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.1 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 2.5 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4090

A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4091

Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4092

Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138 and Thunderbird < 138.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4093

Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.10 and Thunderbird < 128.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4918

An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-4919

An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-49709

Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-49710

An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-5020

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS < 139.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-5262

A double-free could have occurred in `vpx_codec_enc_init_multi` after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 139 and Thunderbird < 128.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2025-5263

Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-5264

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 1.3 3.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-5265

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.8 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 1.3 3.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-5266

Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-5267

A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-5268

Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-5269

Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.11 and Thunderbird < 128.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-5270

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox < 139 and Thunderbird < 139.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-5271

Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability affects Firefox < 139 and Thunderbird < 139.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-5272

Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139 and Thunderbird < 139.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-54143

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS < 141.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-54144

The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link This vulnerability affects Firefox for iOS < 141.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-54145

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme This vulnerability affects Firefox for iOS < 141.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-55028

Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks This vulnerability affects Firefox for iOS < 142.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-55029

Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks This vulnerability affects Firefox for iOS < 142.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-55030

Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS < 142.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-55031

Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects Firefox for iOS < 142 and Focus for iOS < 142.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox_focus *
mozilla firefox *
CVE-2025-55032

Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks This vulnerability affects Focus for iOS < 142.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox_focus *
CVE-2025-55033

Dragging JavaScript links to the URL bar in Focus for iOS could be utilized to run malicious scripts, potentially resulting in XSS attacks This vulnerability affects Focus for iOS < 142.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox_focus *
CVE-2025-5687

A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. *This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.28.0 < (macOS).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
mozilla vpn *
CVE-2025-5986

A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. This vulnerability affects Thunderbird < 128.11.1 and Thunderbird < 139.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2025-6424

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6425

An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6426

The executable file warning did not warn users before opening files with the `terminal` extension. *This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6427

An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability affects Firefox < 140 and Thunderbird < 140.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6428

When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6429

Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an `embed` tag. This could have bypassed website security checks that restricted which domains users were allowed to embed. This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6430

When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `&lt;embed&gt;` or `&lt;object&gt;` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6431

When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6432

When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability affects Firefox < 140 and Thunderbird < 140.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L 3.9 4.7

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6433

If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in violation of the WebAuthN spec which requires "a secure transport established without errors". This vulnerability affects Firefox < 140 and Thunderbird < 140.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6434

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140 and Thunderbird < 140.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-6435

If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox < 140 and Thunderbird < 140.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-6436

Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 140 and Thunderbird < 140.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-6703

Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2.

Products Affected

Vendor Product Version
mozilla neqo *
CVE-2025-8027

On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8028

On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8029

Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8030

Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8031

The `username:password` part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8032

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8033

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8034

Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8035

Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8036

Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the `Secure` attribute. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8038

Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8039

In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8040

Memory safety bugs present in Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8041

In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability affects Firefox < 141.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-8042

Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability affects Firefox < 141.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-8043

Focus incorrectly truncated URLs towards the beginning instead of around the origin. This vulnerability affects Firefox < 141 and Thunderbird < 141.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8044

Memory safety bugs present in Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141 and Thunderbird < 141.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-8364

A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 141.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-9179

An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-9180

Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-9181

Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 142, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-9182

Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-9183

Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox ESR < 140.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-9184

Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-9185

Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2025-9186

Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability affects Firefox < 142.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2025-9187

Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142 and Thunderbird < 142.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0818

When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If the user had additionally allowed loading of the remote content referenced by the outer email message, and the email was crafted by the sender using a combination of CSS rules and fonts and animations, then it was possible to extract the secret contents of the email. This vulnerability affects Thunderbird < 147.0.1 and Thunderbird < 140.7.1.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2026-0877

Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0878

Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.0 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N 1.6 5.8

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0879

Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0880

Sandbox escape due to integer overflow in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0881

Sandbox escape in the Messaging System component. This vulnerability affects Firefox < 147 and Thunderbird < 147.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0882

Use-after-free in the IPC component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0883

Information disclosure in the Networking component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0884

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0885

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0886

Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0887

Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0888

Information disclosure in the XML component. This vulnerability affects Firefox < 147 and Thunderbird < 147.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0889

Denial-of-service in the DOM: Service Workers component. This vulnerability affects Firefox < 147 and Thunderbird < 147.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0890

Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 3.9 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0891

Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-0892

Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147 and Thunderbird < 147.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2032

Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability affects Firefox for iOS < 147.2.1.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-2447

Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-24868

Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability affects Firefox < 147.0.2.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-24869

Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability affects Firefox < 147.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-2634

Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability affects Firefox for iOS < 147.4.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-2757

Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2758

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2759

Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2760

Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2761

Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2762

Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2763

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2764

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2765

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2766

Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2767

Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2768

Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2770

Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2771

Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2772

Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2773

Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2774

Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2775

Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2776

Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2777

Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2778

Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2779

Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2780

Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2781

Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2782

Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2783

Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2784

Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2785

Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2786

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2787

Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2788

Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2789

Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2790

Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2791

Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2792

Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2793

Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2794

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox < 148.

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-2795

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2796

JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2797

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2798

Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2799

Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2800

Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2801

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2802

Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.2 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N 1.6 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2803

Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2804

Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2805

Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2806

Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-2807

Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-3845

Heap buffer overflow in the Audio/Video: Playback component in Firefox for Android. This vulnerability affects Firefox < 148.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-3846

Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox < 148.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-3847

Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-3889

Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2026-4371

A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.

Products Affected

Vendor Product Version
mozilla thunderbird *
CVE-2026-4684

Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4685

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4686

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4687

Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H 3.9 4.0

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4688

Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4690

Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H 3.9 4.0

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4691

Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4693

Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4695

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4696

Use-after-free in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4697

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4698

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4699

Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4700

Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4701

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4702

JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4704

Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4705

Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4706

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4707

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4708

Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4709

Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4710

Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-4711

Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4712

Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4713

Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4714

Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4715

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4716

Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4717

Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4718

Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-4719

Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4720

Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-4721

Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-4722

Privilege escalation in the IPC component. This vulnerability affects Firefox < 149 and Thunderbird < 149.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4723

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Thunderbird < 149.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4724

Undefined behavior in the Audio/Video component. This vulnerability affects Firefox < 149 and Thunderbird < 149.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-4725

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149 and Thunderbird < 149.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-4726

Denial-of-service in the XML component. This vulnerability affects Firefox < 149 and Thunderbird < 149.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-4727

Denial-of-service in the Libraries component in NSS. This vulnerability affects Firefox < 149 and Thunderbird < 149.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-4728

Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability affects Firefox < 149 and Thunderbird < 149.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-4729

Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149 and Thunderbird < 149.

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-5732

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability affects Firefox < 149.0.2, Firefox ESR < 140.9.1, Thunderbird < 149.0.2, and Thunderbird < 140.9.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-5733

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 149.0.2 and Thunderbird < 149.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
CVE-2026-5734

Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149.0.2, Firefox ESR < 140.9.1, Thunderbird < 149.0.2, and Thunderbird < 140.9.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-5735

Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149.0.2 and Thunderbird < 149.0.2.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-6750

Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-6784

Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-6785

Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *
CVE-2026-6786

Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
mozilla firefox *
mozilla thunderbird *