CVE-2005-0146
https://notcve.org/view.php?id=CVE-2005-0146
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation. • http://www.mozilla.org/security/announce/mfsa2005-08.html http://www.redhat.com/support/errata/RHSA-2005-335.html http://www.redhat.com/support/errata/RHSA-2005-384.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=265728 https://exchange.xforce.ibmcloud.com/vulnerabilities/19171 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10362 https://access.redhat.com/security/cve/CVE-2005-0146 https://bugzilla.redhat •
CVE-2005-0149
https://notcve.org/view.php?id=CVE-2005-0149
Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers to bypass the user's intended privacy and security policy by using cookies in e-mail messages. • http://secunia.com/advisories/19823 http://www.mozilla.org/security/announce/mfsa2005-11.html http://www.novell.com/linux/security/advisories/2006_04_25.html http://www.redhat.com/support/errata/RHSA-2005-094.html http://www.redhat.com/support/errata/RHSA-2005-323.html http://www.redhat.com/support/errata/RHSA-2005-335.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=268107 https://exchange.xforce.ibmcloud.com/vulnerabilities/19172 htt •
CVE-2004-1449
https://notcve.org/view.php?id=CVE-2004-1449
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control. • http://bugzilla.mozilla.org/show_bug.cgi?id=206859#c0 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:082 •
CVE-2004-1451
https://notcve.org/view.php?id=CVE-2004-1451
Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks. • http://bugzilla.mozilla.org/show_bug.cgi?id=228176 http://secunia.com/advisories/10419 http://www.mozilla.org/projects/security/known-vulnerabilities.html •
CVE-2004-1450
https://notcve.org/view.php?id=CVE-2004-1450
Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary files in known locations. • http://bugzilla.mozilla.org/show_bug.cgi?id=239122 http://www.mozilla.org/projects/security/known-vulnerabilities.html •