- Home
- CVEs with nessus.description==Several problems have been discovered in Mozilla Thunderbird, the standalone mail client of the Mozilla suite. The Common Vulnerabilities and Exposures project identifies the following problems :
- CAN-2005-0989 Remote attackers could read portions of heap memory into a JavaScript string via the lambda replace method.
- CAN-2005-1159
The JavaScript interpreter could be tricked to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
- CAN-2005-1160
Remote attackers could override certain properties or methods of DOM nodes and gain privileges.
- CAN-2005-1532
Remote attackers could override certain properties or methods due to missing proper limitation of JavaScript eval and Script objects and gain privileges.
- CAN-2005-2261
XML scripts ran even when JavaScript disabled.
- CAN-2005-2265
Missing input sanitising of InstallVersion.compareTo() can cause the application to crash.
- CAN-2005-2266
Remote attackers could steal sensitive information such as cookies and passwords from websites by accessing data in alien frames.
- CAN-2005-2269
Remote attackers could modify certain tag properties of DOM nodes that could lead to the execution of arbitrary script or code.
- CAN-2005-2270
The Mozilla browser family does not properly clone base objects, which allows remote attackers to execute arbitrary code.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top