Show filters
67 Total Results
Displaying 21-30 of 67
Sort by:
Attacker Value
Unknown
CVE-2010-0177
Disclosure Date: April 05, 2010 (last updated October 04, 2023)
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."
0
Attacker Value
Unknown
CVE-2010-0174
Disclosure Date: April 05, 2010 (last updated October 04, 2023)
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
0
Attacker Value
Unknown
CVE-2010-0181
Disclosure Date: April 05, 2010 (last updated October 04, 2023)
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.
0
Attacker Value
Unknown
CVE-2010-0179
Disclosure Date: April 05, 2010 (last updated October 04, 2023)
Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response.
0
Attacker Value
Unknown
CVE-2009-3986
Disclosure Date: December 17, 2009 (last updated October 04, 2023)
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window.opener property.
0
Attacker Value
Unknown
CVE-2009-3983
Disclosure Date: December 17, 2009 (last updated October 04, 2023)
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
0
Attacker Value
Unknown
CVE-2009-3984
Disclosure Date: December 17, 2009 (last updated October 04, 2023)
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body.
0
Attacker Value
Unknown
CVE-2009-3985
Disclosure Date: December 17, 2009 (last updated October 04, 2023)
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
0
Attacker Value
Unknown
CVE-2009-3981
Disclosure Date: December 17, 2009 (last updated October 04, 2023)
Unspecified vulnerability in the browser engine in Mozilla Firefox before 3.0.16, SeaMonkey before 2.0.1, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
0
Attacker Value
Unknown
CVE-2009-3979
Disclosure Date: December 17, 2009 (last updated October 04, 2023)
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
0