Search CVE reports
201 – 210 of 227 results
Some fixes available 14 of 19
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for...
7 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| icedove | — | — | — | — |
| iceweasel | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 14 of 19
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other...
6 affected packages
iceape, firefox, firefox-3.0, iceweasel, seamonkey, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| iceape | — | — | — | — |
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceweasel | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 24 of 29
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding...
9 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| icedove | — | — | — | — |
| iceweasel | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 14 of 19
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding...
6 affected packages
firefox, firefox-3.0, iceape, iceweasel, seamonkey, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| iceweasel | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 14 of 19
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range.
6 affected packages
firefox, firefox-3.0, iceape, iceweasel, seamonkey, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| iceweasel | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 24 of 29
The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data:...
9 affected packages
thunderbird, firefox, firefox-3.0, iceape, icedove...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| thunderbird | — | — | — | — |
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| icedove | — | — | — | — |
| iceweasel | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 24 of 29
Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a...
9 affected packages
icedove, firefox, firefox-3.0, iceape, iceweasel...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| icedove | — | — | — | — |
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| iceweasel | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 14 of 19
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2)...
6 affected packages
firefox, firefox-3.0, iceape, iceweasel, seamonkey, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| iceweasel | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 14 of 19
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer...
7 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| icedove | — | — | — | — |
| iceweasel | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 24 of 29
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute...
9 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| icedove | — | — | — | — |
| iceweasel | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |