Search CVE reports
71 – 80 of 164 results
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via...
2 affected packages
firefox-3.5, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly...
4 affected packages
firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Some fixes available 2 of 3
Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. ...
2 affected packages
firefox, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Some fixes available 3 of 6
The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a...
3 affected packages
firefox, xulrunner-1.9.1, xulrunner-1.9.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
Some fixes available 5 of 12
Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code...
4 affected packages
firefox, liboggz, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| liboggz | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof...
5 affected packages
firefox-3.0, firefox-3.5, thunderbird, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the...
4 affected packages
firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects...
4 affected packages
firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Some fixes available 8 of 10
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.
4 affected packages
firefox, seamonkey, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Some fixes available 9 of 11
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.
4 affected packages
firefox, seamonkey, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |