Search CVE reports
2921 – 2930 of 3080 results
Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.
1 affected package
firefox
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by...
3 affected packages
firefox, lightning-sunbird, midbrowser
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message...
1 affected package
firefox
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address bar, favicons, and document source, and perform updates in the context of arbitrary websites, by repeatedly setting document.location in the onunload attribute...
1 affected package
firefox
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting...
3 affected packages
firefox, lightning-sunbird, midbrowser
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
Some fixes available 8 of 9
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks...
5 affected packages
firefox, iceape, lightning-sunbird, midbrowser, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 8 of 9
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators,...
5 affected packages
iceape, firefox, lightning-sunbird, midbrowser, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| iceape | — | — | — | — | — |
| firefox | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 8 of 9
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers...
5 affected packages
firefox, iceape, lightning-sunbird, midbrowser, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 11 of 12
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain...
6 affected packages
firefox, iceape, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 11 of 12
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java...
6 affected packages
firefox, iceape, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |