| Max CVSS | 9.3 | Min CVSS | 3.7 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-0778 | 5.4 |
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive i
|
09-10-2019 - 22:52 | 26-02-2007 - 20:28 | |
| CVE-2007-0777 | 9.3 |
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vect
|
09-10-2019 - 22:52 | 26-02-2007 - 19:28 | |
| CVE-2007-0780 | 6.8 |
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked
|
09-10-2019 - 22:52 | 26-02-2007 - 20:28 | |
| CVE-2007-0994 | 6.8 |
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI
|
09-10-2019 - 22:52 | 06-03-2007 - 00:19 | |
| CVE-2007-0009 | 6.8 |
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System ser
|
09-10-2019 - 22:51 | 26-02-2007 - 20:28 | |
| CVE-2007-0996 | 5.8 |
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated us
|
16-10-2018 - 16:36 | 27-02-2007 - 02:28 | |
| CVE-2007-0995 | 4.3 |
Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
|
16-10-2018 - 16:36 | 26-02-2007 - 19:28 | |
| CVE-2007-0981 | 7.5 |
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the h
|
16-10-2018 - 16:35 | 16-02-2007 - 01:28 | |
| CVE-2007-0779 | 6.4 |
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot
|
16-10-2018 - 16:34 | 26-02-2007 - 20:28 | |
| CVE-2007-0776 | 9.3 |
Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clip
|
16-10-2018 - 16:34 | 26-02-2007 - 19:28 | |
| CVE-2007-0775 | 3.7 |
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially e
|
16-10-2018 - 16:34 | 26-02-2007 - 19:28 | |
| CVE-2007-0008 | 6.8 |
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server produc
|
16-10-2018 - 16:29 | 26-02-2007 - 20:28 |