Search CVE reports
131 – 140 of 163 results
CVE-2009-1836
Medium prioritySome fixes available 21 of 28
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows...
7 affected packages
firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-1835
Medium prioritySome fixes available 9 of 11
Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via...
4 affected packages
firefox, seamonkey, xulrunner-1.9, xulrunner-1.9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-1834
Low prioritySome fixes available 9 of 10
Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are...
4 affected packages
firefox, seamonkey, xulrunner-1.9, xulrunner-1.9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-1833
Medium prioritySome fixes available 21 of 28
The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute...
7 affected packages
firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-1832
Low prioritySome fixes available 9 of 16
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors...
7 affected packages
firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-1392
Low prioritySome fixes available 21 of 28
The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute...
7 affected packages
firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-1828
Negligible priorityMozilla Firefox 3.0.10 allows remote attackers to cause a denial of service (infinite loop, application hang, and memory consumption) via a KEYGEN element in conjunction with (1) a META element specifying automatic page refresh or...
4 affected packages
firefox, xulrunner-1.9, xulrunner-1.9.1, xulrunner-1.9.2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
xulrunner-1.9.2 | — | — | — | — | — |
CVE-2009-1827
Low prioritySome fixes available 4 of 11
The SVG component in Mozilla Firefox 3.0.4 allows remote attackers to cause a denial of service (application hang) via a large value in the r (aka Radius) attribute of a circle element, related to an "unclamped loop."
4 affected packages
firefox, xulrunner-1.9, xulrunner-1.9.1, xulrunner-1.9.2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
xulrunner-1.9.2 | — | — | — | — | — |
CVE-2009-1312
Medium prioritySome fixes available 13 of 20
Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting...
5 affected packages
firefox, seamonkey, xulrunner, xulrunner-1.9, xulrunner-1.9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-1311
Low prioritySome fixes available 8 of 15
Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner...
5 affected packages
firefox, seamonkey, xulrunner, xulrunner-1.9, xulrunner-1.9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |