Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-2933 | 2.6 |
Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations in
|
11-10-2018 - 20:45 | 17-07-2008 - 13:41 | |
CVE-2008-2809 | 4.0 |
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in t
|
11-10-2018 - 20:44 | 08-07-2008 - 23:41 | |
CVE-2008-2808 | 4.3 |
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted
|
11-10-2018 - 20:44 | 07-07-2008 - 23:41 | |
CVE-2008-2811 | 10.0 |
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose di
|
11-10-2018 - 20:44 | 07-07-2008 - 23:41 | |
CVE-2008-2807 | 5.0 |
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 enc
|
11-10-2018 - 20:44 | 07-07-2008 - 23:41 | |
CVE-2008-2798 | 10.0 |
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unk
|
11-10-2018 - 20:43 | 07-07-2008 - 23:41 | |
CVE-2008-2799 | 10.0 |
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unk
|
11-10-2018 - 20:43 | 07-07-2008 - 23:41 | |
CVE-2008-2801 | 7.5 |
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that u
|
11-10-2018 - 20:43 | 07-07-2008 - 23:41 | |
CVE-2008-2803 | 6.8 |
The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non
|
11-10-2018 - 20:43 | 07-07-2008 - 23:41 | |
CVE-2008-2805 | 5.0 |
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range.
|
11-10-2018 - 20:43 | 07-07-2008 - 23:41 | |
CVE-2008-2802 | 7.5 |
Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to t
|
11-10-2018 - 20:43 | 07-07-2008 - 23:41 | |
CVE-2008-2800 | 4.3 |
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT el
|
11-10-2018 - 20:43 | 07-07-2008 - 23:41 | |
CVE-2008-2785 | 9.3 |
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which all
|
11-10-2018 - 20:42 | 19-06-2008 - 21:41 |