| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-0748 | 9.3 |
Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that
|
19-10-2018 - 15:46 | 14-04-2006 - 10:02 | |
| CVE-2006-0749 | 9.3 |
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via
|
19-10-2018 - 15:46 | 14-04-2006 - 10:02 | |
| CVE-2006-0292 | 7.5 |
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garb
|
19-10-2018 - 15:43 | 02-02-2006 - 20:06 | |
| CVE-2006-0293 | 7.5 |
The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that opera
|
19-10-2018 - 15:43 | 02-02-2006 - 20:06 | |
| CVE-2006-0296 | 5.0 |
The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf fil
|
19-10-2018 - 15:43 | 02-02-2006 - 20:06 | |
| CVE-2005-4134 | 5.0 |
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not
|
19-10-2018 - 15:40 | 09-12-2005 - 15:03 | |
| CVE-2006-1727 | 7.6 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to t
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
| CVE-2006-1732 | 4.3 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS)
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
| CVE-2006-1729 | 4.3 |
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
| CVE-2006-1728 | 9.3 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypt
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
| CVE-2006-1730 | 9.3 |
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing prop
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
| CVE-2006-1731 | 4.3 |
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are calle
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 |