CVE search results

1881 – 1890 of 2389 results

Detailed view

Sort by:

CVE-2012-4210

Medium priority

Some fixes available 4 of 11

The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4209

Medium priority

Some fixes available 8 of 15

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4208

Medium priority

Some fixes available 8 of 15

The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4207

Medium priority

Some fixes available 8 of 15

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4205

Medium priority

Some fixes available 8 of 15

Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4204

Medium priority

Some fixes available 8 of 15

The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4203

Medium priority

Some fixes available 4 of 11

The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4202

Medium priority

Some fixes available 8 of 15

Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4201

Medium priority

Some fixes available 8 of 15

The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4196

Medium priority

Some fixes available 13 of 24

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports