Search CVE reports
51 – 60 of 164 results
Some fixes available 9 of 12
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support the application/octet-stream content type as a protection mechanism against execution of web script in certain...
6 affected packages
firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Some fixes available 9 of 12
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial...
6 affected packages
firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Some fixes available 9 of 12
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash)...
6 affected packages
firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Some fixes available 2 of 10
Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, performs DNS prefetching of domain names contained in links within local HTML documents, which makes it easier for remote attackers to determine the network...
2 affected packages
seamonkey, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| seamonkey | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other applications, performs DNS prefetching even when the app type is APP_TYPE_MAIL or APP_TYPE_EDITOR, which makes it easier for remote attackers to determine the...
2 affected packages
xulrunner-1.9.1, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xulrunner-1.9.1 | — | — | — | — |
| thunderbird | — | — | — | — |
Visual truncation vulnerability in the MakeScriptDialogTitle function in nsGlobalWindow.cpp in Mozilla Firefox allows remote attackers to spoof the origin domain name of a script via a long name.
1 affected package
xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xulrunner-1.9.1 | — | — | — | — |
Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load for a web page in a different domain.
1 affected package
xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xulrunner-1.9.1 | — | — | — | — |
Some fixes available 9 of 12
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy...
6 affected packages
firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different exception messages depending on whether the referenced COM object is listed in the registry,...
5 affected packages
firefox-3.0, firefox-3.5, seamonkey, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Some fixes available 9 of 12
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window,...
4 affected packages
firefox, seamonkey, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |