CVE search results

2351 – 2360 of 2389 results

Detailed view

Sort by:

CVE-2006-0884

Medium priority

Some fixes available 7 of 8

The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail...

6 affected packages

firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
firefox-granparadiso	—	—	—	—	—
lightning-sunbird	—	—	—	—	—
midbrowser	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—

CVE-2006-0836

Negligible priority

Ignored

Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by tricking the user into importing an LDIF file with a long field into the address book, as demonstrated by a long homePhone field.

1 affected package

mozilla-thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozilla-thunderbird	—	—	—	—	—

CVE-2006-0299

Medium priority

Fixed

The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating...

5 affected packages

firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
firefox-granparadiso	—	—	—	—	—
lightning-sunbird	—	—	—	—	—
midbrowser	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—

CVE-2006-0298

Medium priority

Fixed

The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read.

5 affected packages

firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
firefox-granparadiso	—	—	—	—	—
lightning-sunbird	—	—	—	—	—
midbrowser	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—

CVE-2006-0297

Medium priority

Fixed

Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for...

6 affected packages

firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
firefox-granparadiso	—	—	—	—	—
lightning-sunbird	—	—	—	—	—
midbrowser	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—

CVE-2006-0296

Medium priority

Fixed

The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the...

5 affected packages

firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
firefox-granparadiso	—	—	—	—	—
lightning-sunbird	—	—	—	—	—
midbrowser	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—

CVE-2006-0295

Medium priority

Fixed

Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects,...

5 affected packages

firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
firefox-granparadiso	—	—	—	—	—
lightning-sunbird	—	—	—	—	—
midbrowser	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—

CVE-2006-0294

Medium priority

Fixed

Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static,...

5 affected packages

firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
firefox-granparadiso	—	—	—	—	—
lightning-sunbird	—	—	—	—	—
midbrowser	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—

CVE-2006-0293

Medium priority

Some fixes available 3 of 4

The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via user-defined methods that trigger garbage collection...

5 affected packages

firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
firefox-granparadiso	—	—	—	—	—
lightning-sunbird	—	—	—	—	—
midbrowser	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—

CVE-2006-0292

Medium priority

Fixed

The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack...

5 affected packages

firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
firefox-granparadiso	—	—	—	—	—
lightning-sunbird	—	—	—	—	—
midbrowser	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports