Search CVE reports
191 – 200 of 227 results
Some fixes available 17 of 23
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText,...
6 affected packages
firefox, firefox-3.0, iceape, seamonkey, xulrunner, xulrunner-1.9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
Some fixes available 33 of 39
The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript...
8 affected packages
thunderbird, firefox, firefox-3.0, iceape, mozilla-thunderbird...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| thunderbird | — | — | — | — |
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
Some fixes available 6 of 8
The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted but well-formed web page that contains "a simple set...
5 affected packages
firefox, firefox-3.0, iceweasel, xulrunner, xulrunner-1.9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceweasel | — | — | — | — |
| xulrunner | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrome document via unspecified vectors, as demonstrated by injection into a XUL error page. NOTE: this can be leveraged to execute...
1 affected package
firefox-3.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-3.0 | — | — | — | — |
Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.
10 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| icedove | — | — | — | — |
| iceweasel | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files...
10 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| icedove | — | — | — | — |
| iceweasel | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
Some fixes available 24 of 29
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash)...
9 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| icedove | — | — | — | — |
| iceweasel | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 14 of 19
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for...
7 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceape | — | — | — | — |
| icedove | — | — | — | — |
| iceweasel | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 24 of 29
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the...
9 affected packages
iceape, firefox, firefox-3.0, icedove, iceweasel...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| iceape | — | — | — | — |
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| icedove | — | — | — | — |
| iceweasel | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
Some fixes available 14 of 19
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other...
6 affected packages
iceape, firefox, firefox-3.0, iceweasel, seamonkey, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| iceape | — | — | — | — |
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| iceweasel | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner | — | — | — | — |