Max CVSS | 9.3 | Min CVSS | 6.8 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-1836 | 6.8 |
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attacke
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-1838 | 9.3 |
The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-1841 | 9.3 |
js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by t
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-1832 | 9.3 |
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving "double fra
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-1833 | 9.3 |
The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vec
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-1392 | 9.3 |
The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vect
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-1840 | 9.3 |
Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated
|
29-09-2017 - 01:34 | 12-06-2009 - 21:30 |