Vulnerabilities (CVE)

Vendor filter

Mozilla Subscribe

Product filter

Mozilla Subscribe

Filter

115 total CVE
CVE Vendors Products Updated CVSS
CVE-2007-1794 1 Mozilla 1 Mozilla 2018-10-30 10.0
The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. ...
CVE-2006-0292 1 Mozilla 2 Firefox, Mozilla 2018-10-19 7.5
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to...
CVE-2006-6498 1 Mozilla 4 Firefox, Thunderbird, Seamonkey and 1 more 2018-10-17 6.8
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote...
CVE-2009-3014 1 Mozilla 3 Firefox, Mozilla, Seamonkey 2018-10-10 4.3
Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and earlier do not properly handle javascript: URIs in HTML links within 302 error documents sent from web servers, which allows...
CVE-2005-0989 2 Mozilla, Netscape 3 Firefox, Mozilla, Navigator 2018-05-03 5.0
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
CVE-2005-0401 1 Mozilla 2 Firefox, Mozilla 2018-05-03 5.1
FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a...
CVE-2005-0399 1 Mozilla 3 Firefox, Mozilla, Thunderbird 2018-05-03 5.1
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image...
CVE-2004-1316 1 Mozilla 1 Mozilla 2018-05-03 5.0
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character,...
CVE-2004-0902 4 Suse, Mozilla, Conectiva and 1 more 9 Mozilla, Linux Advanced Workstation, Enterprise Linux Desktop and 6 more 2018-05-03 10.0
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the...
CVE-2012-0464 2 Mozilla, A 6 Firefox Esr, Mozilla, Seamonkey and 3 more 2018-01-18 7.5
Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8...
CVE-2012-0461 2 Mozilla, A 6 Firefox Esr, Mozilla, Seamonkey and 3 more 2018-01-18 7.5
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey...
CVE-2012-0458 2 Mozilla, A 6 Firefox Esr, Mozilla, Seamonkey and 3 more 2018-01-18 6.8
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page...
CVE-2012-0457 2 Mozilla, A 6 Firefox Esr, Mozilla, Seamonkey and 3 more 2018-01-18 9.3
Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR...
CVE-2012-0456 2 Mozilla, A 6 Firefox Esr, Mozilla, Seamonkey and 3 more 2018-01-18 5.0
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote...
CVE-2012-0455 2 Mozilla, A 6 Firefox Esr, Mozilla, Seamonkey and 3 more 2018-01-18 4.3
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on...
CVE-2012-0463 2 Mozilla, A 6 Firefox Esr, Mozilla, Seamonkey and 3 more 2018-01-11 7.5
The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8...
CVE-2005-2968 1 Mozilla 2 Firefox, Mozilla 2017-10-11 7.5
Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash.
CVE-2005-2270 1 Mozilla 2 Firefox, Mozilla 2017-10-11 7.5
Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.
CVE-2005-2269 1 Mozilla 2 Firefox, Mozilla 2017-10-11 7.5
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly...
CVE-2005-2268 1 Mozilla 2 Firefox, Mozilla 2017-10-11 2.6
Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka...