Search CVE reports
1 – 10 of 143 results
CVE-2009-1169
High prioritySome fixes available 15 of 23
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with...
6 affected packages
firefox, iceape, seamonkey, xulrunner, xulrunner-1.9, xulrunner-1.9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
iceape | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0777
Medium prioritySome fixes available 8 of 10
Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier...
9 affected packages
firefox, firefox-3.0, firefox-3.5, iceape, iceweasel...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceape | — | — | — | — | — |
iceweasel | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0773
Low prioritySome fixes available 8 of 10
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array...
12 affected packages
firefox, firefox-3.0, firefox-3.5, iceape, icedove...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0771
Low prioritySome fixes available 8 of 10
The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger...
12 affected packages
firefox, firefox-3.0, firefox-3.5, iceape, icedove...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0776
Low prioritySome fixes available 26 of 31
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.
9 affected packages
firefox, iceape, icedove, mozilla-thunderbird, seamonkey...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0775
Medium prioritySome fixes available 10 of 14
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via “cloned XUL DOM elements which were linked as a parent and...
12 affected packages
firefox, firefox-3.0, firefox-3.5, iceape, icedove...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0774
Low prioritySome fixes available 26 of 31
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to...
9 affected packages
firefox, iceape, icedove, mozilla-thunderbird, seamonkey...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0772
Low prioritySome fixes available 26 of 31
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to...
9 affected packages
firefox, iceape, icedove, mozilla-thunderbird, seamonkey...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0040
Medium prioritySome fixes available 15 of 31
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute...
12 affected packages
firefox, firefox-3.0, firefox-3.5, iceape, icedove...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
libpng | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0652
Medium prioritySome fixes available 13 of 23
The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows...
6 affected packages
firefox, iceape, seamonkey, xulrunner, xulrunner-1.9, xulrunner-1.9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
iceape | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |