| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-4187 | 9.3 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary c
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-4186 | 9.3 |
Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-3994 | 4.3 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Obj
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-4195 | 4.3 |
The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and prin
|
21-10-2024 - 13:55 | 29-10-2012 - 18:55 | |
| CVE-2012-4188 | 9.3 |
Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-3991 | 9.3 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to by
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-3988 | 9.3 |
Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code v
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-4183 | 9.3 |
Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attacke
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-4182 | 9.3 |
Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-4181 | 9.3 |
Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote atta
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-4179 | 9.3 |
Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote att
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-3990 | 9.3 |
Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to exe
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-3982 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-4180 | 9.3 |
Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote a
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-4193 | 6.8 |
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, w
|
21-10-2024 - 13:55 | 12-10-2012 - 10:44 | |
| CVE-2012-3986 | 4.3 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote a
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-3992 | 4.3 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XS
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-4196 | 6.4 |
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a pro
|
21-10-2024 - 13:55 | 29-10-2012 - 18:55 | |
| CVE-2012-4194 | 4.3 |
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location),
|
21-10-2024 - 13:55 | 29-10-2012 - 18:55 | |
| CVE-2012-4185 | 9.3 |
Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary c
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-4184 | 4.3 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-3995 | 9.3 |
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a den
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-3993 | 9.3 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallT
|
21-10-2024 - 13:55 | 10-10-2012 - 17:55 | |
| CVE-2012-3983 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly ex
|
27-08-2020 - 14:53 | 10-10-2012 - 17:55 | |
| CVE-2012-4192 | 4.3 |
Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote attackers to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue to CVE-2012-4193.
|
19-09-2017 - 01:35 | 12-10-2012 - 10:44 |