CVSS: 9.8EPSS: 44%CPEs: 9EXPL: 0CVE-2006-6500
https://notcve.org/view.php?id=CVE-2006-6500
20 Dec 2006 — Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap. Desbordamiento de búfer basado en pila en Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonke... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 0CVE-2006-6499
https://notcve.org/view.php?id=CVE-2006-6499
20 Dec 2006 — The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision. La función js_dtoa en Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 sobrescribe memoria en lugar de salir cua... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 84%CPEs: 4EXPL: 0CVE-2006-6497
https://notcve.org/view.php?id=CVE-2006-6497
20 Dec 2006 — Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown attack vectors. Múltiples vulnerabilidades no especificadas en el motor de diseño para Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a... • ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc •
CVSS: 7.5EPSS: 58%CPEs: 54EXPL: 0CVE-2006-6502
https://notcve.org/view.php?id=CVE-2006-6502
20 Dec 2006 — Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown vectors. Vulnerabilidad de uso después de liberación (use-after-free) en el código puente LiveConnect para Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 permite a atacantes remotos ... • ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc •
CVSS: 9.8EPSS: 78%CPEs: 2EXPL: 0CVE-2006-6505 – seamonkey < 1.0.7 multiple vulnerabilities
https://notcve.org/view.php?id=CVE-2006-6505
20 Dec 2006 — Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2) long RFC2047-encoded (MIME non-ASCII) headers. Múltiples desbordamientos de búfer basados en pila en Mozilla Thunderbird anterior a 1.5.0.9 y SeaMonkey anterior a 1.0.7 permite a atacantes remotos ejecutar código de su elección mediante (1) mensajes externos con cabeceras Content-Type grand... • ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc •
CVSS: 6.8EPSS: 52%CPEs: 9EXPL: 0CVE-2006-6503
https://notcve.org/view.php?id=CVE-2006-6503
20 Dec 2006 — Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI. Mozilla Firefox 2.x anterior a 2.0.0.1, 1.5.x anterior a 1.5.0.9, Thunderbird anterior a 1.5.0.9, y SeaMonkey anterior a 1.0.7 permite a atacantes remotos evitar la protección de secuencias de comandos en sitios cruzados (XSS) cambiando el atributo src de u... • ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc • CWE-254: 7PK - Security Features •
CVSS: 7.5EPSS: 52%CPEs: 29EXPL: 0CVE-2006-5463
https://notcve.org/view.php?id=CVE-2006-5463
08 Nov 2006 — Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object while it is executing. Vulnerabilidad sin especificar en el Mozilla Firefox en versiones anteriores a la 1.5.0.8, en el Thunderbird en versiones anteriores a la 1.5.0.8 y en el SeaMonkey en versiones anteriores a la 1.0.6, permite a atacantes remotos la ejecución d... • ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P •
CVSS: 9.8EPSS: 13%CPEs: 29EXPL: 0CVE-2006-5748 – seamonkey < 1.0.6 multiple vulnerabilities
https://notcve.org/view.php?id=CVE-2006-5748
08 Nov 2006 — Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger memory corruption. Múltiples vulnerabilidades sin especificar en el motor de JavaScript en el Mozilla Firefox anterior al 1.5.0.8, en el Thunderbird anterior al 1.5.0.8 y en el SeaMonkey anterior al 1.0.6 permiten a atacantes r... • ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P •
CVSS: 7.5EPSS: 36%CPEs: 27EXPL: 0CVE-2006-5464
https://notcve.org/view.php?id=CVE-2006-5464
08 Nov 2006 — Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) via unspecified vectors. Múltiples vulnerabilidades sin especificar en el diseño del motor del Mozilla Firefox en versiones anteriores a la 1.5.0.8, del Thunderbird en versiones anteriores a la 1.5.0.8 y del SeaMonkey en versiones anteriores a la 1.0.6, permite a atacantes remotos provocar una denegació... • ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P •
CVSS: 7.5EPSS: 83%CPEs: 28EXPL: 0CVE-2006-5462
https://notcve.org/view.php?id=CVE-2006-5462
08 Nov 2006 — Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates. NOTE: this identifier is for unpatched product versions that were originally intended to be addressed by CVE-2006-4340. La biblioteca Mozilla Network Security Service (NSS) e... • ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P •