Max CVSS | 9.3 | Min CVSS | 3.7 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-0778 | 5.4 |
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive i
|
09-10-2019 - 22:52 | 26-02-2007 - 20:28 | |
CVE-2007-0777 | 9.3 |
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vect
|
09-10-2019 - 22:52 | 26-02-2007 - 19:28 | |
CVE-2007-0780 | 6.8 |
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked
|
09-10-2019 - 22:52 | 26-02-2007 - 20:28 | |
CVE-2006-6077 | 5.0 |
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matc
|
17-10-2018 - 21:46 | 24-11-2006 - 17:07 | |
CVE-2007-0995 | 4.3 |
Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
|
16-10-2018 - 16:36 | 26-02-2007 - 19:28 | |
CVE-2007-0981 | 7.5 |
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the h
|
16-10-2018 - 16:35 | 16-02-2007 - 01:28 | |
CVE-2007-0801 | 4.3 |
The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest.
|
16-10-2018 - 16:34 | 07-02-2007 - 11:28 | |
CVE-2007-0779 | 6.4 |
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot
|
16-10-2018 - 16:34 | 26-02-2007 - 20:28 | |
CVE-2007-0800 | 4.3 |
Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocke
|
16-10-2018 - 16:34 | 07-02-2007 - 11:28 | |
CVE-2007-0776 | 9.3 |
Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clip
|
16-10-2018 - 16:34 | 26-02-2007 - 19:28 | |
CVE-2007-0775 | 3.7 |
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially e
|
16-10-2018 - 16:34 | 26-02-2007 - 19:28 |