Search CVE reports
2901 – 2910 of 3080 results
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary...
3 affected packages
firefox, midbrowser, mozilla-thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
Mozilla Firefox 2.0.0.4 allows remote attackers to cause a denial of service by opening multiple tabs in a popup window. NOTE: this issue has been disputed by third party researchers, stating that "this does not crash on me, and...
1 affected package
firefox
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly...
3 affected packages
firefox, iceape, midbrowser
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for"...
3 affected packages
firefox, mozilla-thunderbird, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte...
3 affected packages
firefox, iceape, midbrowser
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0591. Reason: This candidate is a duplicate of CVE-2008-0591. Notes: All CVE users should reference CVE-2008-0591 instead of this candidate. All references...
1 affected package
firefox
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute...
3 affected packages
firefox, iceape, midbrowser
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read files in the local Firefox installation directory via a resource:// URI.
2 affected packages
firefox, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on Windows allows remote attackers to read arbitrary files via ..%5C (dot dot encoded backslash) sequences in a resource:// URI.
1 affected package
firefox
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's...
4 affected packages
firefox, iceape, lightning-sunbird, midbrowser
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |