Search CVE reports
191 – 200 of 226 results
CVE-2008-3836
Medium prioritySome fixes available 17 of 23
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText,...
6 affected packages
firefox, firefox-3.0, iceape, seamonkey, xulrunner, xulrunner-1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
CVE-2008-3835
Medium prioritySome fixes available 33 of 39
The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript...
8 affected packages
firefox, firefox-3.0, iceape, mozilla-thunderbird, seamonkey...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
CVE-2008-0016
Medium prioritySome fixes available 23 of 29
Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.
6 affected packages
firefox, firefox-3.0, iceape, seamonkey, xulrunner, xulrunner-1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
CVE-2008-3444
Low prioritySome fixes available 6 of 8
The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted but well-formed web page that contains "a simple set...
5 affected packages
firefox, firefox-3.0, iceweasel, xulrunner, xulrunner-1.9
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceweasel | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
CVE-2008-2934
Low priorityMozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.
10 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
CVE-2008-3198
Medium priorityMozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrome document via unspecified vectors, as demonstrated by injection into a XUL error page. NOTE: this can be leveraged to execute...
1 affected packages
firefox-3.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox-3.0 | — | — | — | — | — |
CVE-2008-2933
Medium priorityMozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files...
10 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
CVE-2008-2809
Low prioritySome fixes available 24 of 29
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the...
9 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
CVE-2008-2811
Medium prioritySome fixes available 24 of 29
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash)...
9 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
CVE-2008-2810
Low prioritySome fixes available 14 of 19
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for...
7 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |