Max CVSS | 10.0 | Min CVSS | 2.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-0791 | 5.0 |
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other pr
|
21-12-2022 - 16:17 | 03-04-2013 - 11:56 | |
CVE-2013-0800 | 6.8 |
Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, Se
|
11-03-2021 - 15:35 | 03-04-2013 - 11:56 | |
CVE-2012-3972 | 5.0 |
The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensit
|
09-09-2020 - 14:51 | 29-08-2012 - 10:56 | |
CVE-2012-3961 | 10.0 |
Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arb
|
28-08-2020 - 14:23 | 29-08-2012 - 10:56 | |
CVE-2012-3968 | 10.0 |
Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitra
|
28-08-2020 - 14:23 | 29-08-2012 - 10:56 | |
CVE-2012-3957 | 10.0 |
Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to e
|
28-08-2020 - 14:12 | 29-08-2012 - 10:56 | |
CVE-2012-3956 | 10.0 |
Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote atta
|
28-08-2020 - 14:09 | 29-08-2012 - 10:56 | |
CVE-2012-1975 | 10.0 |
Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to exe
|
28-08-2020 - 13:44 | 29-08-2012 - 10:56 | |
CVE-2012-1972 | 10.0 |
Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote
|
28-08-2020 - 13:33 | 29-08-2012 - 10:56 | |
CVE-2012-1970 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial
|
28-08-2020 - 13:30 | 29-08-2012 - 10:56 | |
CVE-2012-3963 | 10.0 |
Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to
|
26-08-2020 - 20:38 | 29-08-2012 - 10:56 | |
CVE-2012-3960 | 10.0 |
Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote at
|
26-08-2020 - 20:37 | 29-08-2012 - 10:56 | |
CVE-2012-3959 | 10.0 |
Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attacke
|
26-08-2020 - 20:36 | 29-08-2012 - 10:56 | |
CVE-2012-1976 | 10.0 |
Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote a
|
26-08-2020 - 20:36 | 29-08-2012 - 10:56 | |
CVE-2012-1974 | 10.0 |
Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers
|
26-08-2020 - 20:36 | 29-08-2012 - 10:56 | |
CVE-2012-1973 | 10.0 |
Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attac
|
26-08-2020 - 20:35 | 29-08-2012 - 10:56 | |
CVE-2012-4193 | 6.8 |
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, w
|
14-08-2020 - 18:07 | 12-10-2012 - 10:44 | |
CVE-2012-5829 | 9.3 |
Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to exe
|
14-08-2020 - 17:38 | 21-11-2012 - 12:55 | |
CVE-2012-4201 | 4.3 |
The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code
|
14-08-2020 - 17:33 | 21-11-2012 - 12:55 | |
CVE-2012-3993 | 9.3 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallT
|
13-08-2020 - 20:43 | 10-10-2012 - 17:55 | |
CVE-2012-4216 | 9.3 |
Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to exe
|
13-08-2020 - 19:42 | 21-11-2012 - 12:55 | |
CVE-2012-4214 | 9.3 |
Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attac
|
13-08-2020 - 19:38 | 21-11-2012 - 12:55 | |
CVE-2012-4209 | 4.3 |
Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which make
|
13-08-2020 - 19:32 | 21-11-2012 - 12:55 | |
CVE-2012-4182 | 9.3 |
Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to
|
13-08-2020 - 19:32 | 10-10-2012 - 17:55 | |
CVE-2012-4188 | 9.3 |
Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary
|
13-08-2020 - 19:29 | 10-10-2012 - 17:55 | |
CVE-2012-3990 | 9.3 |
Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to exe
|
13-08-2020 - 19:27 | 10-10-2012 - 17:55 | |
CVE-2012-4207 | 4.3 |
The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in pro
|
13-08-2020 - 19:20 | 21-11-2012 - 12:55 | |
CVE-2012-4184 | 4.3 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype
|
13-08-2020 - 18:32 | 10-10-2012 - 17:55 | |
CVE-2012-4179 | 9.3 |
Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote att
|
13-08-2020 - 18:21 | 10-10-2012 - 17:55 | |
CVE-2012-3995 | 9.3 |
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a den
|
13-08-2020 - 18:12 | 10-10-2012 - 17:55 | |
CVE-2012-3988 | 9.3 |
Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code v
|
12-08-2020 - 18:11 | 10-10-2012 - 17:55 | |
CVE-2012-4196 | 6.4 |
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a pro
|
12-08-2020 - 17:45 | 29-10-2012 - 18:55 | |
CVE-2012-4194 | 4.3 |
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location),
|
12-08-2020 - 17:43 | 29-10-2012 - 18:55 | |
CVE-2012-4195 | 4.3 |
The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and prin
|
12-08-2020 - 14:39 | 29-10-2012 - 18:55 | |
CVE-2012-4183 | 9.3 |
Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attacke
|
11-08-2020 - 13:47 | 10-10-2012 - 17:55 | |
CVE-2012-4186 | 9.3 |
Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to
|
11-08-2020 - 13:43 | 10-10-2012 - 17:55 | |
CVE-2012-3991 | 9.3 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to by
|
11-08-2020 - 13:37 | 10-10-2012 - 17:55 | |
CVE-2013-0771 | 9.3 |
Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote a
|
11-08-2020 - 13:14 | 13-01-2013 - 20:55 | |
CVE-2013-0769 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey be
|
11-08-2020 - 13:09 | 13-01-2013 - 20:55 | |
CVE-2013-0757 | 9.3 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of
|
11-08-2020 - 13:08 | 13-01-2013 - 20:55 | |
CVE-2013-0756 | 9.3 |
Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbi
|
10-08-2020 - 21:08 | 13-01-2013 - 20:55 | |
CVE-2013-0755 | 9.3 |
Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remot
|
10-08-2020 - 21:05 | 13-01-2013 - 20:55 | |
CVE-2013-0747 | 6.8 |
The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same
|
10-08-2020 - 20:58 | 13-01-2013 - 20:55 | |
CVE-2013-0752 | 9.3 |
Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) vi
|
10-08-2020 - 20:52 | 13-01-2013 - 20:55 | |
CVE-2013-0745 | 9.3 |
The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows rem
|
10-08-2020 - 20:31 | 13-01-2013 - 20:55 | |
CVE-2012-4180 | 9.3 |
Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote a
|
10-08-2020 - 16:44 | 10-10-2012 - 17:55 | |
CVE-2012-3982 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial
|
10-08-2020 - 15:53 | 10-10-2012 - 17:55 | |
CVE-2012-4185 | 9.3 |
Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary c
|
10-08-2020 - 15:19 | 10-10-2012 - 17:55 | |
CVE-2012-4187 | 9.3 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary c
|
10-08-2020 - 14:59 | 10-10-2012 - 17:55 | |
CVE-2012-3992 | 4.3 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XS
|
10-08-2020 - 14:52 | 10-10-2012 - 17:55 | |
CVE-2012-3986 | 4.3 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote a
|
10-08-2020 - 14:47 | 10-10-2012 - 17:55 | |
CVE-2013-0768 | 9.3 |
Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbit
|
07-08-2020 - 18:48 | 13-01-2013 - 20:55 | |
CVE-2013-0767 | 10.0 |
The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15
|
07-08-2020 - 18:46 | 13-01-2013 - 20:55 | |
CVE-2013-0766 | 9.3 |
Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and Sea
|
07-08-2020 - 18:34 | 13-01-2013 - 20:55 | |
CVE-2013-0764 | 9.3 |
The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, wh
|
07-08-2020 - 17:54 | 13-01-2013 - 20:55 | |
CVE-2013-0761 | 9.3 |
Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows rem
|
07-08-2020 - 17:52 | 13-01-2013 - 20:55 | |
CVE-2013-0749 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a deni
|
07-08-2020 - 17:49 | 13-01-2013 - 20:55 | |
CVE-2012-3994 | 4.3 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Obj
|
07-08-2020 - 15:42 | 10-10-2012 - 17:55 | |
CVE-2012-4181 | 9.3 |
Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote atta
|
07-08-2020 - 15:42 | 10-10-2012 - 17:55 | |
CVE-2012-4215 | 9.3 |
Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote
|
06-08-2020 - 19:21 | 21-11-2012 - 12:55 | |
CVE-2012-5840 | 9.3 |
Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attac
|
06-08-2020 - 17:38 | 21-11-2012 - 12:55 | |
CVE-2013-0783 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a deni
|
06-08-2020 - 17:24 | 19-02-2013 - 23:55 | |
CVE-2013-0782 | 9.3 |
Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote att
|
06-08-2020 - 17:14 | 19-02-2013 - 23:55 | |
CVE-2013-0780 | 9.3 |
Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote
|
06-08-2020 - 17:10 | 19-02-2013 - 23:55 | |
CVE-2012-5833 | 9.3 |
The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers
|
06-08-2020 - 16:50 | 21-11-2012 - 12:55 | |
CVE-2012-4202 | 9.3 |
Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attacker
|
06-08-2020 - 16:49 | 21-11-2012 - 12:55 | |
CVE-2012-5841 | 4.3 |
Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write acti
|
06-08-2020 - 16:48 | 21-11-2012 - 12:55 | |
CVE-2012-5842 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a deni
|
06-08-2020 - 16:47 | 21-11-2012 - 12:55 | |
CVE-2012-5835 | 10.0 |
Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or caus
|
06-08-2020 - 16:47 | 21-11-2012 - 12:55 | |
CVE-2012-5839 | 9.3 |
Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows
|
06-08-2020 - 16:47 | 21-11-2012 - 12:55 | |
CVE-2013-0776 | 4.0 |
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides
|
06-08-2020 - 16:47 | 19-02-2013 - 23:55 | |
CVE-2013-0775 | 9.3 |
Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote
|
06-08-2020 - 16:41 | 19-02-2013 - 23:55 | |
CVE-2013-0774 | 4.3 |
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspeci
|
06-08-2020 - 16:40 | 19-02-2013 - 23:55 | |
CVE-2013-0773 | 9.3 |
The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modi
|
06-08-2020 - 16:34 | 19-02-2013 - 23:55 | |
CVE-2013-0748 | 4.3 |
The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes i
|
04-08-2020 - 18:59 | 13-01-2013 - 20:55 | |
CVE-2013-0750 | 9.3 |
Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15
|
04-08-2020 - 18:59 | 13-01-2013 - 20:55 | |
CVE-2013-0746 | 9.3 |
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the js
|
04-08-2020 - 18:22 | 13-01-2013 - 20:55 | |
CVE-2013-0744 | 9.3 |
Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 a
|
04-08-2020 - 17:35 | 13-01-2013 - 20:55 | |
CVE-2013-0753 | 9.3 |
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12
|
04-08-2020 - 16:21 | 13-01-2013 - 20:55 | |
CVE-2013-0754 | 9.3 |
Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaM
|
04-08-2020 - 15:35 | 13-01-2013 - 20:55 | |
CVE-2013-0758 | 9.3 |
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScri
|
04-08-2020 - 15:32 | 13-01-2013 - 20:55 | |
CVE-2013-0759 | 5.0 |
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via
|
04-08-2020 - 15:31 | 13-01-2013 - 20:55 | |
CVE-2013-0762 | 9.3 |
Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and Se
|
04-08-2020 - 15:31 | 13-01-2013 - 20:55 | |
CVE-2013-0763 | 9.3 |
Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial
|
04-08-2020 - 15:29 | 13-01-2013 - 20:55 | |
CVE-2012-0454 | 7.5 |
Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to caus
|
30-10-2018 - 16:27 | 14-03-2012 - 19:55 | |
CVE-2013-5599 | 10.0 |
Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderb
|
30-10-2018 - 16:26 | 30-10-2013 - 10:55 | |
CVE-2013-5590 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote atta
|
30-10-2018 - 16:26 | 30-10-2013 - 10:55 | |
CVE-2013-5602 | 10.0 |
The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allo
|
30-10-2018 - 16:26 | 30-10-2013 - 10:55 | |
CVE-2013-5601 | 10.0 |
Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey bef
|
30-10-2018 - 16:26 | 30-10-2013 - 10:55 | |
CVE-2013-5597 | 10.0 |
Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22
|
30-10-2018 - 16:26 | 30-10-2013 - 10:55 | |
CVE-2013-5604 | 9.3 |
The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not pro
|
30-10-2018 - 16:26 | 30-10-2013 - 10:55 | |
CVE-2013-5600 | 10.0 |
Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonke
|
30-10-2018 - 16:26 | 30-10-2013 - 10:55 | |
CVE-2012-0451 | 4.3 |
CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web servers to bypass intended Content Security
|
18-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-0464 | 7.5 |
Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 all
|
18-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-0470 | 10.0 |
Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow
|
18-01-2018 - 02:29 | 25-04-2012 - 10:10 | |
CVE-2012-0456 | 5.0 |
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote atta
|
18-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-0471 | 4.3 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web s
|
18-01-2018 - 02:29 | 25-04-2012 - 10:10 | |
CVE-2012-0462 | 7.5 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause
|
18-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-0441 | 5.0 |
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey b
|
18-01-2018 - 02:29 | 05-06-2012 - 23:55 | |
CVE-2012-0467 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause
|
18-01-2018 - 02:29 | 25-04-2012 - 10:10 | |
CVE-2012-0458 | 6.8 |
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through th
|
18-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-0461 | 7.5 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before
|
18-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-0477 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbit
|
18-01-2018 - 02:29 | 25-04-2012 - 10:10 | |
CVE-2012-0479 | 4.3 |
Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) A
|
18-01-2018 - 02:29 | 25-04-2012 - 10:10 | |
CVE-2012-0459 | 7.5 |
The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial
|
18-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-0460 | 6.4 |
Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote at
|
18-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-0457 | 9.3 |
Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x
|
18-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-0455 | 4.3 |
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on java
|
18-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-0463 | 7.5 |
The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does
|
11-01-2018 - 02:29 | 14-03-2012 - 19:55 | |
CVE-2012-1940 | 9.3 |
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attack
|
05-01-2018 - 02:29 | 05-06-2012 - 23:55 | |
CVE-2012-1937 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to caus
|
05-01-2018 - 02:29 | 05-06-2012 - 23:55 | |
CVE-2012-1947 | 9.3 |
Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to
|
05-01-2018 - 02:29 | 05-06-2012 - 23:55 | |
CVE-2012-1967 | 10.0 |
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to e
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1954 | 10.0 |
Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attacker
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1951 | 10.0 |
Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows rem
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1962 | 10.0 |
Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote at
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1941 | 9.3 |
Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 al
|
29-12-2017 - 02:29 | 05-06-2012 - 23:55 | |
CVE-2012-1961 | 4.3 |
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier fo
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1959 | 5.0 |
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-c
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1958 | 9.3 |
Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remot
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1963 | 4.3 |
The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings pl
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1964 | 4.0 |
The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey be
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1948 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to caus
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1953 | 9.3 |
The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a den
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1952 | 9.3 |
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame varia
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1944 | 4.3 |
The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, wh
|
29-12-2017 - 02:29 | 05-06-2012 - 23:55 | |
CVE-2012-1955 | 6.8 |
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and hi
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1946 | 9.3 |
Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow r
|
29-12-2017 - 02:29 | 05-06-2012 - 23:55 | |
CVE-2012-1957 | 4.3 |
An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within descri
|
29-12-2017 - 02:29 | 18-07-2012 - 10:26 | |
CVE-2012-1945 | 2.9 |
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut
|
29-12-2017 - 02:29 | 05-06-2012 - 23:55 | |
CVE-2012-0473 | 5.0 |
The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function
|
29-12-2017 - 02:29 | 25-04-2012 - 10:10 | |
CVE-2012-0474 | 4.3 |
Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote atta
|
29-12-2017 - 02:29 | 25-04-2012 - 10:10 | |
CVE-2012-0469 | 10.0 |
Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMo
|
29-12-2017 - 02:29 | 25-04-2012 - 10:10 | |
CVE-2012-0478 | 9.3 |
The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_O
|
29-12-2017 - 02:29 | 25-04-2012 - 10:10 | |
CVE-2012-0472 | 9.3 |
The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations a
|
29-12-2017 - 02:29 | 25-04-2012 - 10:10 | |
CVE-2013-5595 | 4.3 |
The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified func
|
19-09-2017 - 01:36 | 30-10-2013 - 10:55 | |
CVE-2013-1714 | 4.3 |
The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remo
|
19-09-2017 - 01:36 | 07-08-2013 - 01:55 | |
CVE-2013-1707 | 7.2 |
Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command
|
19-09-2017 - 01:36 | 07-08-2013 - 01:55 | |
CVE-2013-1681 | 10.0 |
Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbi
|
19-09-2017 - 01:36 | 16-05-2013 - 11:45 | |
CVE-2013-1674 | 9.3 |
Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event d
|
19-09-2017 - 01:36 | 16-05-2013 - 11:45 | |
CVE-2013-1722 | 9.3 |
Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey befor
|
19-09-2017 - 01:36 | 18-09-2013 - 10:08 | |
CVE-2013-1684 | 9.3 |
Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote at
|
19-09-2017 - 01:36 | 26-06-2013 - 03:19 | |
CVE-2013-1693 | 4.3 |
The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy a
|
19-09-2017 - 01:36 | 26-06-2013 - 03:19 | |
CVE-2013-1692 | 4.3 |
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to
|
19-09-2017 - 01:36 | 26-06-2013 - 03:19 | |
CVE-2013-1725 | 6.8 |
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote
|
19-09-2017 - 01:36 | 18-09-2013 - 10:08 | |
CVE-2013-1694 | 7.5 |
The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to caus
|
19-09-2017 - 01:36 | 26-06-2013 - 03:19 | |
CVE-2013-1687 | 9.3 |
The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined
|
19-09-2017 - 01:36 | 26-06-2013 - 03:19 | |
CVE-2013-1736 | 10.0 |
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or caus
|
19-09-2017 - 01:36 | 18-09-2013 - 10:08 | |
CVE-2013-1726 | 6.2 |
Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain pr
|
19-09-2017 - 01:36 | 18-09-2013 - 10:08 | |
CVE-2013-1672 | 6.9 |
The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via v
|
19-09-2017 - 01:36 | 16-05-2013 - 11:45 | |
CVE-2013-1730 | 6.8 |
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers t
|
19-09-2017 - 01:36 | 18-09-2013 - 10:08 | |
CVE-2013-1710 | 10.0 |
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript c
|
19-09-2017 - 01:36 | 07-08-2013 - 01:55 | |
CVE-2013-1697 | 9.3 |
The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote atta
|
19-09-2017 - 01:36 | 26-06-2013 - 03:19 | |
CVE-2013-1675 | 4.3 |
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale funct
|
19-09-2017 - 01:36 | 16-05-2013 - 11:45 | |
CVE-2013-1706 | 7.2 |
Stack-based buffer overflow in maintenanceservice.exe in the Mozilla Maintenance Service in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain priv
|
19-09-2017 - 01:36 | 07-08-2013 - 01:55 | |
CVE-2013-1682 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory c
|
19-09-2017 - 01:36 | 26-06-2013 - 03:19 | |
CVE-2013-1717 | 5.4 |
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote
|
19-09-2017 - 01:36 | 07-08-2013 - 01:55 | |
CVE-2013-1676 | 10.0 |
The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of se
|
19-09-2017 - 01:36 | 16-05-2013 - 11:45 | |
CVE-2013-1670 | 4.3 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content
|
19-09-2017 - 01:36 | 16-05-2013 - 11:45 | |
CVE-2013-1701 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a deni
|
19-09-2017 - 01:36 | 07-08-2013 - 01:55 | |
CVE-2013-1686 | 10.0 |
Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or caus
|
19-09-2017 - 01:36 | 26-06-2013 - 03:19 | |
CVE-2013-1679 | 10.0 |
Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute a
|
19-09-2017 - 01:36 | 16-05-2013 - 11:45 | |
CVE-2013-1713 | 4.3 |
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, wh
|
19-09-2017 - 01:36 | 07-08-2013 - 01:55 | |
CVE-2013-1718 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial
|
19-09-2017 - 01:36 | 18-09-2013 - 10:08 | |
CVE-2013-1709 | 4.3 |
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attac
|
19-09-2017 - 01:36 | 07-08-2013 - 01:55 | |
CVE-2013-1680 | 10.0 |
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code o
|
19-09-2017 - 01:36 | 16-05-2013 - 11:45 | |
CVE-2013-1678 | 10.0 |
The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of servic
|
19-09-2017 - 01:36 | 16-05-2013 - 11:45 | |
CVE-2013-1737 | 5.0 |
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, w
|
19-09-2017 - 01:36 | 18-09-2013 - 10:08 | |
CVE-2013-1735 | 9.3 |
Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attac
|
19-09-2017 - 01:36 | 18-09-2013 - 10:08 | |
CVE-2013-1712 | 6.9 |
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, W
|
19-09-2017 - 01:36 | 07-08-2013 - 01:55 | |
CVE-2013-1732 | 9.3 |
Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbi
|
19-09-2017 - 01:36 | 18-09-2013 - 10:08 | |
CVE-2013-1677 | 10.0 |
The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of ser
|
19-09-2017 - 01:36 | 16-05-2013 - 11:45 | |
CVE-2013-1690 | 9.3 |
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause
|
19-09-2017 - 01:36 | 26-06-2013 - 03:19 | |
CVE-2013-1685 | 9.3 |
Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary co
|
19-09-2017 - 01:36 | 26-06-2013 - 03:19 | |
CVE-2012-3978 | 6.8 |
The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location objec
|
19-09-2017 - 01:35 | 29-08-2012 - 10:56 | |
CVE-2012-3980 | 9.3 |
The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a cr
|
19-09-2017 - 01:35 | 29-08-2012 - 10:56 | |
CVE-2012-3969 | 9.3 |
Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execut
|
19-09-2017 - 01:35 | 29-08-2012 - 10:56 | |
CVE-2012-3966 | 10.0 |
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via
|
19-09-2017 - 01:35 | 29-08-2012 - 10:56 | |
CVE-2012-3974 | 6.9 |
Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse e
|
19-09-2017 - 01:35 | 29-08-2012 - 10:56 | |
CVE-2012-3958 | 10.0 |
Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote
|
19-09-2017 - 01:35 | 29-08-2012 - 10:56 | |
CVE-2012-3962 | 9.3 |
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute
|
19-09-2017 - 01:35 | 29-08-2012 - 10:56 | |
CVE-2012-3970 | 10.0 |
Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execu
|
19-09-2017 - 01:35 | 29-08-2012 - 10:56 | |
CVE-2012-3964 | 10.0 |
Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to exe
|
19-09-2017 - 01:35 | 29-08-2012 - 10:56 | |
CVE-2012-3105 | 9.3 |
The glBufferData function in the WebGL implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not properly mitigate an unspe
|
19-09-2017 - 01:35 | 05-06-2012 - 23:55 | |
CVE-2013-0799 | 7.2 |
Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain privileges via crafted argument
|
19-09-2017 - 01:35 | 03-04-2013 - 11:56 | |
CVE-2013-0793 | 4.3 |
Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote atta
|
19-09-2017 - 01:35 | 03-04-2013 - 11:56 | |
CVE-2013-0788 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a deni
|
19-09-2017 - 01:35 | 03-04-2013 - 11:56 | |
CVE-2013-0795 | 10.0 |
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for clo
|
19-09-2017 - 01:35 | 03-04-2013 - 11:56 | |
CVE-2013-0801 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory c
|
19-09-2017 - 01:35 | 16-05-2013 - 11:45 | |
CVE-2013-0797 | 6.9 |
Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows local users to gain privileges
|
19-09-2017 - 01:35 | 03-04-2013 - 11:56 | |
CVE-2013-0787 | 9.3 |
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey
|
19-09-2017 - 01:35 | 11-03-2013 - 10:55 | |
CVE-2012-3977 | 5.0 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4930. Reason: This candidate is a duplicate of CVE-2012-4930. Notes: All CVE users should reference CVE-2012-4930 instead of this candidate. All references and descriptions in t
|
09-10-2012 - 11:13 | 09-10-2012 - 11:13 |