Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-0591 | 4.3 |
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by
|
15-10-2018 - 22:01 | 09-02-2008 - 00:00 | |
CVE-2008-0592 | 4.3 |
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Fir
|
15-10-2018 - 22:01 | 09-02-2008 - 00:00 | |
CVE-2008-0593 | 4.3 |
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and
|
15-10-2018 - 22:01 | 09-02-2008 - 01:00 | |
CVE-2008-0419 | 9.3 |
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize
|
15-10-2018 - 22:00 | 08-02-2008 - 22:00 | |
CVE-2008-0418 | 4.3 |
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome:
|
15-10-2018 - 22:00 | 08-02-2008 - 22:00 | |
CVE-2008-0412 | 9.3 |
The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableF
|
15-10-2018 - 21:59 | 08-02-2008 - 22:00 | |
CVE-2008-0413 | 9.3 |
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2
|
15-10-2018 - 21:59 | 08-02-2008 - 22:00 | |
CVE-2008-0415 | 4.3 |
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.lo
|
15-10-2018 - 21:59 | 08-02-2008 - 22:00 |