CVE search results

191 – 200 of 226 results

Detailed view

Sort by:

CVE-2008-3836

Medium priority

Some fixes available 17 of 23

feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText,...

6 affected packages

firefox, firefox-3.0, iceape, seamonkey, xulrunner, xulrunner-1.9

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
seamonkey	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2008-3835

Medium priority

Some fixes available 33 of 39

The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript...

8 affected packages

firefox, firefox-3.0, iceape, mozilla-thunderbird, seamonkey...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2008-0016

Medium priority

Some fixes available 23 of 29

Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.

6 affected packages

firefox, firefox-3.0, iceape, seamonkey, xulrunner, xulrunner-1.9

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
seamonkey	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2008-3444

Low priority

Some fixes available 6 of 8

The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted but well-formed web page that contains "a simple set...

5 affected packages

firefox, firefox-3.0, iceweasel, xulrunner, xulrunner-1.9

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceweasel	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2008-2934

Low priority

Not affected

Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.

10 affected packages

firefox, firefox-3.0, iceape, icedove, iceweasel...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
icedove	—	—	—	—	—
iceweasel	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2008-3198

Medium priority

Ignored

Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrome document via unspecified vectors, as demonstrated by injection into a XUL error page. NOTE: this can be leveraged to execute...

1 affected packages

firefox-3.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—

CVE-2008-2933

Medium priority

Ignored

Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files...

10 affected packages

firefox, firefox-3.0, iceape, icedove, iceweasel...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
icedove	—	—	—	—	—
iceweasel	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2008-2809

Low priority

Some fixes available 24 of 29

Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the...

9 affected packages

firefox, firefox-3.0, iceape, icedove, iceweasel...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
icedove	—	—	—	—	—
iceweasel	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—

CVE-2008-2811

Medium priority

Some fixes available 24 of 29

The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash)...

9 affected packages

firefox, firefox-3.0, iceape, icedove, iceweasel...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
icedove	—	—	—	—	—
iceweasel	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—

CVE-2008-2810

Low priority

Some fixes available 14 of 19

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for...

7 affected packages

firefox, firefox-3.0, iceape, icedove, iceweasel...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
icedove	—	—	—	—	—
iceweasel	—	—	—	—	—
seamonkey	—	—	—	—	—
xulrunner	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports