Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

131 – 140 of 163 results


CVE-2009-1836

Medium priority

Some fixes available 21 of 28

Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows...

7 affected packages

firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
mozilla-thunderbird
seamonkey
thunderbird
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show all 7 packages Show less packages

CVE-2009-1835

Medium priority

Some fixes available 9 of 11

Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via...

4 affected packages

firefox, seamonkey, xulrunner-1.9, xulrunner-1.9.1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
xulrunner-1.9
xulrunner-1.9.1
Show less packages

CVE-2009-1834

Low priority

Some fixes available 9 of 10

Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are...

4 affected packages

firefox, seamonkey, xulrunner-1.9, xulrunner-1.9.1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
xulrunner-1.9
xulrunner-1.9.1
Show less packages

CVE-2009-1833

Medium priority

Some fixes available 21 of 28

The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute...

7 affected packages

firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
mozilla-thunderbird
seamonkey
thunderbird
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show all 7 packages Show less packages

CVE-2009-1832

Low priority

Some fixes available 9 of 16

Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors...

7 affected packages

firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
mozilla-thunderbird
seamonkey
thunderbird
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show all 7 packages Show less packages

CVE-2009-1392

Low priority

Some fixes available 21 of 28

The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute...

7 affected packages

firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
mozilla-thunderbird
seamonkey
thunderbird
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show all 7 packages Show less packages

CVE-2009-1828

Negligible priority
Ignored

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service (infinite loop, application hang, and memory consumption) via a KEYGEN element in conjunction with (1) a META element specifying automatic page refresh or...

4 affected packages

firefox, xulrunner-1.9, xulrunner-1.9.1, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
xulrunner-1.9
xulrunner-1.9.1
xulrunner-1.9.2
Show less packages

CVE-2009-1827

Low priority

Some fixes available 4 of 11

The SVG component in Mozilla Firefox 3.0.4 allows remote attackers to cause a denial of service (application hang) via a large value in the r (aka Radius) attribute of a circle element, related to an "unclamped loop."

4 affected packages

firefox, xulrunner-1.9, xulrunner-1.9.1, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
xulrunner-1.9
xulrunner-1.9.1
xulrunner-1.9.2
Show less packages

CVE-2009-1312

Medium priority

Some fixes available 13 of 20

Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting...

5 affected packages

firefox, seamonkey, xulrunner, xulrunner-1.9, xulrunner-1.9.1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show less packages

CVE-2009-1311

Low priority

Some fixes available 8 of 15

Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner...

5 affected packages

firefox, seamonkey, xulrunner, xulrunner-1.9, xulrunner-1.9.1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show less packages