Search CVE reports
111 – 120 of 127 results
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack...
5 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in...
4 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code...
6 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla, mozilla-thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
6 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 3 of 4
Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that...
5 affected packages
firefox, firefox-3.0, lightning-sunbird, midbrowser, mozilla
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla | — | — | — | — |
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM...
6 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla, mozilla-thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using...
5 affected packages
lightning-sunbird, midbrowser, firefox, firefox-granparadiso, mozilla
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| mozilla | — | — | — | — |
The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution...
4 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript in other domains by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrary code execution when combined...
4 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page.
4 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |