Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-0744 | 9.3 |
Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 a
|
21-10-2024 - 13:55 | 13-01-2013 - 20:55 | |
CVE-2003-0430 | 5.0 |
The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value.
|
14-02-2024 - 01:17 | 24-07-2003 - 04:00 | |
CVE-2005-4360 | 7.8 |
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.d
|
08-11-2021 - 21:45 | 20-12-2005 - 01:03 | |
CVE-2003-0083 | 5.0 |
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities relate
|
15-07-2021 - 20:37 | 02-04-2003 - 05:00 | |
CVE-2003-0254 | 5.0 |
Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
|
06-06-2021 - 11:15 | 18-08-2003 - 04:00 | |
CVE-2006-0026 | 6.5 |
Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote attackers to execute arbitrary code via crafted Active Server Pages (ASP).
|
23-11-2020 - 19:49 | 11-07-2006 - 22:05 | |
CVE-2012-0449 | 9.3 |
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod
|
28-08-2020 - 13:14 | 01-02-2012 - 16:55 | |
CVE-2012-0444 | 10.0 |
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corr
|
28-08-2020 - 13:12 | 01-02-2012 - 16:55 | |
CVE-2012-0442 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corru
|
28-08-2020 - 13:11 | 01-02-2012 - 16:55 | |
CVE-2011-3659 | 9.3 |
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect Attribu
|
28-08-2020 - 13:10 | 01-02-2012 - 16:55 | |
CVE-2010-3965 | 9.3 |
Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL
|
26-02-2019 - 14:04 | 16-12-2010 - 19:33 | |
CVE-2010-1885 | 9.3 |
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist
|
26-02-2019 - 14:04 | 15-06-2010 - 14:04 | |
CVE-2010-3147 | 9.3 |
Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to
|
26-02-2019 - 14:04 | 27-08-2010 - 19:00 | |
CVE-2004-0790 | 5.0 |
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have
|
30-10-2018 - 16:26 | 12-04-2005 - 04:00 | |
CVE-2004-0791 | 5.0 |
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench a
|
30-10-2018 - 16:26 | 12-04-2005 - 04:00 | |
CVE-2010-0182 | 4.3 |
The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2007-0165 | 7.8 |
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.
|
30-10-2018 - 16:25 | 10-01-2007 - 00:28 | |
CVE-2010-0174 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2010-0173 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and applica
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2010-0175 | 9.3 |
Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of se
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2010-0176 | 9.3 |
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2006-0058 | 7.6 |
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory location
|
19-10-2018 - 15:42 | 22-03-2006 - 20:06 | |
CVE-2005-4451 | 7.5 |
Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.
|
19-10-2018 - 15:40 | 21-12-2005 - 11:03 | |
CVE-2004-1060 | 5.0 |
Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment w
|
19-10-2018 - 15:30 | 12-04-2004 - 04:00 | |
CVE-2006-3201 | 4.9 |
Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
|
18-10-2018 - 16:46 | 23-06-2006 - 20:06 | |
CVE-2006-5151 | 10.0 |
Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors.
|
17-10-2018 - 21:41 | 05-10-2006 - 04:04 | |
CVE-2006-4187 | 2.1 |
Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when running in trusted mode, allows local users to cause a denial of service via unspecified vectors.
|
17-10-2018 - 21:33 | 17-08-2006 - 00:04 | |
CVE-2007-6195 | 10.0 |
Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malfor
|
15-10-2018 - 21:50 | 15-12-2007 - 01:46 | |
CVE-2009-4310 | 9.3 |
Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream i
|
10-10-2018 - 19:49 | 13-12-2009 - 01:30 | |
CVE-2009-4309 | 9.3 |
Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 str
|
10-10-2018 - 19:49 | 13-12-2009 - 01:30 | |
CVE-2009-4210 | 9.3 |
The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content.
|
10-10-2018 - 19:48 | 13-12-2009 - 01:30 | |
CVE-2003-0985 | 7.2 |
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing
|
03-05-2018 - 01:29 | 20-01-2004 - 05:00 | |
CVE-2004-0077 | 7.2 |
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local
|
03-05-2018 - 01:29 | 03-03-2004 - 05:00 | |
CVE-2004-0148 | 7.2 |
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
|
03-05-2018 - 01:29 | 15-04-2004 - 04:00 | |
CVE-2003-0476 | 2.1 |
The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.
|
03-05-2018 - 01:29 | 07-08-2003 - 04:00 | |
CVE-2003-0682 | 7.5 |
"Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695.
|
03-05-2018 - 01:29 | 06-10-2003 - 04:00 | |
CVE-2011-3670 | 5.0 |
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by makin
|
29-12-2017 - 02:29 | 01-02-2012 - 16:55 | |
CVE-2001-1181 | 7.2 |
Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges.
|
19-12-2017 - 02:29 | 16-07-2001 - 04:00 | |
CVE-2006-5558 | 10.0 |
Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the det
|
19-10-2017 - 01:29 | 27-10-2006 - 16:07 | |
CVE-2006-5557 | 4.6 |
Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the de
|
19-10-2017 - 01:29 | 27-10-2006 - 16:07 | |
CVE-2007-1993 | 9.3 |
Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to execute arbitrary code by sending "a call to procedure 5, followed by a crafted payload to procedure
|
11-10-2017 - 01:32 | 12-04-2007 - 10:19 | |
CVE-2007-0916 | 4.9 |
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
|
11-10-2017 - 01:31 | 14-02-2007 - 02:28 | |
CVE-2005-3779 | 7.2 |
Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors.
|
11-10-2017 - 01:30 | 23-11-2005 - 01:03 | |
CVE-2005-1192 | 5.0 |
Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.
|
11-10-2017 - 01:30 | 02-05-2005 - 04:00 | |
CVE-2005-3296 | 10.0 |
The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.
|
11-10-2017 - 01:30 | 23-10-2005 - 21:02 | |
CVE-2002-2262 | 5.0 |
Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.
|
11-10-2017 - 01:29 | 31-12-2002 - 05:00 | |
CVE-2002-0279 | 4.6 |
The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges.
|
11-10-2017 - 01:29 | 31-05-2002 - 04:00 | |
CVE-2001-1182 | 7.2 |
Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges.
|
11-10-2017 - 01:29 | 17-07-2001 - 04:00 | |
CVE-2002-1409 | 2.1 |
ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."
|
11-10-2017 - 01:29 | 11-04-2003 - 04:00 | |
CVE-2002-0798 | 2.1 |
Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.
|
11-10-2017 - 01:29 | 12-08-2002 - 04:00 | |
CVE-2004-1332 | 7.5 |
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
|
11-10-2017 - 01:29 | 31-12-2004 - 05:00 | |
CVE-2004-0164 | 5.0 |
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message th
|
11-10-2017 - 01:29 | 03-03-2004 - 05:00 | |
CVE-2005-0364 | 5.0 |
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
|
11-10-2017 - 01:29 | 10-02-2005 - 05:00 | |
CVE-2004-0010 | 7.2 |
Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.
|
11-10-2017 - 01:29 | 03-03-2004 - 05:00 | |
CVE-2004-0403 | 5.0 |
Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
|
11-10-2017 - 01:29 | 01-06-2004 - 04:00 | |
CVE-2003-0468 | 5.0 |
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes
|
11-10-2017 - 01:29 | 27-08-2003 - 04:00 | |
CVE-2004-2665 | 4.9 |
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.
|
11-10-2017 - 01:29 | 31-12-2004 - 05:00 | |
CVE-2003-0973 | 5.0 |
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
|
11-10-2017 - 01:29 | 15-12-2003 - 05:00 | |
CVE-2001-0809 | 2.1 |
Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.
|
11-10-2017 - 01:29 | 06-12-2001 - 05:00 | |
CVE-2004-1764 | 7.2 |
Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.
|
11-10-2017 - 01:29 | 14-01-2004 - 05:00 | |
CVE-2003-1461 | 7.2 |
Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473).
|
11-10-2017 - 01:29 | 31-12-2003 - 05:00 | |
CVE-2003-0992 | 4.3 |
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users.
|
11-10-2017 - 01:29 | 17-02-2004 - 05:00 | |
CVE-2003-0984 | 4.6 |
Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.
|
11-10-2017 - 01:29 | 05-01-2004 - 05:00 | |
CVE-2004-0003 | 4.6 |
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
|
11-10-2017 - 01:29 | 03-03-2004 - 05:00 | |
CVE-2003-1375 | 7.2 |
Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument.
|
11-10-2017 - 01:29 | 31-12-2003 - 05:00 | |
CVE-2004-1029 | 9.3 |
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load un
|
11-10-2017 - 01:29 | 01-03-2005 - 05:00 | |
CVE-2003-0461 | 2.1 |
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
|
11-10-2017 - 01:29 | 27-08-2003 - 04:00 | |
CVE-2003-0089 | 7.2 |
Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.
|
11-10-2017 - 01:29 | 15-12-2003 - 05:00 | |
CVE-2003-0540 | 5.0 |
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Error
|
11-10-2017 - 01:29 | 27-08-2003 - 04:00 | |
CVE-2004-0075 | 2.1 |
The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service.
|
10-10-2017 - 01:30 | 15-03-2004 - 05:00 | |
CVE-2008-1668 | 10.0 |
ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remot
|
29-09-2017 - 01:30 | 13-08-2008 - 18:41 | |
CVE-2008-1662 | 10.0 |
Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list."
|
29-09-2017 - 01:30 | 01-08-2008 - 14:41 | |
CVE-2007-5008 | 9.0 |
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.
|
29-09-2017 - 01:29 | 20-09-2007 - 21:17 | |
CVE-2012-0447 | 5.0 |
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG ima
|
19-09-2017 - 01:34 | 01-02-2012 - 16:55 | |
CVE-2012-0446 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, r
|
19-09-2017 - 01:34 | 01-02-2012 - 16:55 | |
CVE-2012-0445 | 5.0 |
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name at
|
19-09-2017 - 01:34 | 01-02-2012 - 16:55 | |
CVE-2012-0443 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or poss
|
19-09-2017 - 01:34 | 01-02-2012 - 16:55 | |
CVE-2011-3232 | 9.3 |
YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.
|
19-09-2017 - 01:33 | 29-09-2011 - 00:55 | |
CVE-2011-3001 | 4.3 |
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions
|
19-09-2017 - 01:33 | 29-09-2011 - 00:55 | |
CVE-2011-3005 | 9.3 |
Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .
|
19-09-2017 - 01:33 | 29-09-2011 - 00:55 | |
CVE-2011-2372 | 3.5 |
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended ac
|
19-09-2017 - 01:33 | 29-09-2011 - 00:55 | |
CVE-2011-2995 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application cra
|
19-09-2017 - 01:33 | 29-09-2011 - 00:55 | |
CVE-2011-3000 | 4.3 |
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote a
|
19-09-2017 - 01:33 | 29-09-2011 - 00:55 | |
CVE-2011-2997 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitr
|
19-09-2017 - 01:33 | 29-09-2011 - 00:55 | |
CVE-2010-3183 | 9.3 |
The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls tha
|
19-09-2017 - 01:31 | 21-10-2010 - 19:00 | |
CVE-2009-4313 | 9.3 |
ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media f
|
19-09-2017 - 01:29 | 13-12-2009 - 01:30 | |
CVE-2009-4311 | 9.3 |
Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE
|
19-09-2017 - 01:29 | 13-12-2009 - 01:30 | |
CVE-2009-4312 | 9.3 |
Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe.
|
19-09-2017 - 01:29 | 13-12-2009 - 01:30 |