Search CVE reports
1 – 10 of 72 results
CVE-2009-1597
Low priorityMozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat...
4 affected packages
firefox, firefox-3.0, firefox-3.5, iceweasel
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceweasel | — | — | — | — | — |
CVE-2009-0777
Medium prioritySome fixes available 8 of 10
Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier...
9 affected packages
firefox, firefox-3.0, firefox-3.5, iceape, iceweasel...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceape | — | — | — | — | — |
iceweasel | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0773
Low prioritySome fixes available 8 of 10
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array...
12 affected packages
firefox, firefox-3.0, firefox-3.5, iceape, icedove...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0771
Low prioritySome fixes available 8 of 10
The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger...
12 affected packages
firefox, firefox-3.0, firefox-3.5, iceape, icedove...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0775
Medium prioritySome fixes available 10 of 14
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and...
12 affected packages
firefox, firefox-3.0, firefox-3.5, iceape, icedove...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0358
Low prioritySome fixes available 4 of 6
Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of...
7 affected packages
firefox, firefox-3.0, iceape, iceweasel, seamonkey...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
iceweasel | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
CVE-2009-0356
Medium priorityMozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and...
7 affected packages
firefox, firefox-3.0, iceape, iceweasel, seamonkey...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
iceweasel | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
CVE-2009-0354
Low prioritySome fixes available 4 of 6
Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS)...
7 affected packages
firefox, firefox-3.0, iceape, iceweasel, seamonkey...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
iceweasel | — | — | — | — | — |
seamonkey | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
CVE-2009-0353
Medium prioritySome fixes available 7 of 13
Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly...
10 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
CVE-2009-0352
Medium prioritySome fixes available 14 of 18
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or...
10 affected packages
firefox, firefox-3.0, iceape, icedove, iceweasel...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
iceweasel | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |