CVSS: 7.5EPSS: 97%CPEs: 51EXPL: 2CVE-2007-0981 – Mozilla Firefox 2.0.0.1 - 'location.hostname' Cross-Domain
https://notcve.org/view.php?id=CVE-2007-0981
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code. Una vulnerabilidad en los navegadores basados ??en Mozilla, incluidos Firefox anterior a versión 1.5.0.10 y versión 2.x anterior a 2.0.0.2, y SeaMonkey anterior a versión 1.0.8, permiten a los atacantes remotos omitir la políticas de mismo origen, robar cookies y conducir otros ataques escribiendo un URI con un byte NULL a la propiedad DOM del host (location.hostname), debido a las interacciones con el código de resolución DNS. • https://www.exploit-db.com/exploits/3340 ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc http://fedoranews.org/cms/node/2713 http://fedoranews.org/cms/node/2728 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://lcamtuf.dione.cc/ffhostname.html http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html http://rhn.redhat.com/errat • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 14%CPEs: 9EXPL: 0CVE-2006-6503
https://notcve.org/view.php?id=CVE-2006-6503
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI. Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 permite a atacantes remotos evitar la protección de secuencias de comandos en sitios cruzados (XSS) cambiando el atributo src de un elemento IMG a javascript: URI. • ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc http://fedoranews.org/cms/node/2297 http://fedoranews.org/cms/node/2338 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://rhn.redhat.com/errata/RHSA-2006-0758.html http://rhn.redhat.com/errata/RHSA-2006-0759.html http://rhn.redhat.com/errata/RHSA-2006-0760.html http://secunia.com/advisories/23282 http://secunia.com/advisories/23420 http://secunia.com/advisories& • CWE-254: 7PK - Security Features •
CVSS: 6.8EPSS: 76%CPEs: 2EXPL: 0CVE-2006-6505 – seamonkey < 1.0.7 multiple vulnerabilities
https://notcve.org/view.php?id=CVE-2006-6505
Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2) long RFC2047-encoded (MIME non-ASCII) headers. Múltiples desbordamientos de búfer basados en pila en Mozilla Thunderbird anterior a 1.5.0.9 y SeaMonkey anterior a 1.0.7 permite a atacantes remotos ejecutar código de su elección mediante (1) mensajes externos con cabeceras Content-Type grandes o (2) cabeceras codificadas según la RFC2047 (MIME no ASCII). • ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc http://fedoranews.org/cms/node/2297 http://fedoranews.org/cms/node/2338 http://rhn.redhat.com/errata/RHSA-2006-0759.html http://rhn.redhat.com/errata/RHSA-2006-0760.html http://secunia.com/advisories/23420 http://secunia.com/advisories/23422 http://secunia.com/advisories/23433 http://secunia.com/advisories/23439 http://secunia.com/advisories/23468 http://secunia.com/advisories/23514 http:/& •
CVSS: 4.3EPSS: 2%CPEs: 9EXPL: 0CVE-2006-6499
https://notcve.org/view.php?id=CVE-2006-6499
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision. La función js_dtoa en Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 sobrescribe memoria en lugar de salir cuando la precisión de coma flotante es reducida, lo cual permite a atacantes remotos provocar una denegación de servicio mediante cualquier plugin que reduzca dicha precisión. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://secunia.com/advisories/23282 http://secunia.com/advisories/23420 http://secunia.com/advisories/23422 http://secunia.com/advisories/23545 http://secunia.com/advisories/23589 http://secunia.com/advisories/23591 http://secunia.com/advisories/23614 http://secunia.com/advisories/23672 http://secunia.com/advisories/23692 http://secunia.com/advisories/23988 http://secunia.com/advisories/24078 http:/ • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.1EPSS: 53%CPEs: 54EXPL: 0CVE-2006-6502
https://notcve.org/view.php?id=CVE-2006-6502
Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown vectors. Vulnerabilidad de uso después de liberación (use-after-free) en el código puente LiveConnect para Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 permite a atacantes remotos provocar una denegación de servicio (caída) mediante vectores desconocidos. • ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc http://fedoranews.org/cms/node/2297 http://fedoranews.org/cms/node/2338 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://rhn.redhat.com/errata/RHSA-2006-0758.html http://rhn.redhat.com/errata/RHSA-2006-0759.html http://rhn.redhat.com/errata/RHSA-2006-0760.html http://secunia.com/advisories/23282 http://secunia.com/advisories/23420 http://secunia.com/advisories& •