Search CVE reports
2251 – 2260 of 2389 results
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an...
3 affected packages
icedove, mozilla-thunderbird, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| icedove | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
Some fixes available 16 of 19
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows...
8 affected packages
iceape, firefox, icedove, iceweasel, mozilla-thunderbird...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| iceape | — | — | — | — | — |
| firefox | — | — | — | — | — |
| icedove | — | — | — | — | — |
| iceweasel | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 10 of 13
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character...
7 affected packages
iceape, firefox, icedove, iceweasel, seamonkey...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| iceape | — | — | — | — | — |
| firefox | — | — | — | — | — |
| icedove | — | — | — | — | — |
| iceweasel | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 16 of 19
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as...
8 affected packages
iceape, firefox, icedove, iceweasel, mozilla-thunderbird...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| iceape | — | — | — | — | — |
| firefox | — | — | — | — | — |
| icedove | — | — | — | — | — |
| iceweasel | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 14 of 17
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet...
8 affected packages
firefox, iceape, icedove, iceweasel, mozilla-thunderbird...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| icedove | — | — | — | — | — |
| iceweasel | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 14 of 17
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple...
8 affected packages
firefox, iceape, icedove, iceweasel, mozilla-thunderbird...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| icedove | — | — | — | — | — |
| iceweasel | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 14 of 17
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large...
8 affected packages
firefox, iceape, icedove, iceweasel, mozilla-thunderbird...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| icedove | — | — | — | — | — |
| iceweasel | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 14 of 17
The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related...
8 affected packages
firefox, iceape, icedove, iceweasel, mozilla-thunderbird...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| icedove | — | — | — | — | — |
| iceweasel | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be...
3 affected packages
firefox, mozilla-thunderbird, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a...
3 affected packages
firefox, mozilla-thunderbird, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| thunderbird | — | — | — | — | — |