Page 138 of 692 results (0.009 seconds)

CVSS: 9.3EPSS: 97%CPEs: 30EXPL: 0

CVE-2006-1739

https://notcve.org/view.php?id=CVE-2006-1739

The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that causes an out-of-bounds array write and buffer overflow. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html http://secunia.com/advisories/19631 http://secunia.com/advisories/19696 http://secunia.com/advisories/19714 http://secunia.com/advisories/19721 http://secunia.com/advisories/19729 http://secunia.com/advisories/19746 http://secunia.com/advisories/19759 http:&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.4EPSS: 17%CPEs: 5EXPL: 0

CVE-2006-0299

https://notcve.org/view.php?id=CVE-2006-0299

The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions. • http://secunia.com/advisories/18700 http://secunia.com/advisories/18704 http://secunia.com/advisories/22065 http://securitytracker.com/id?1015570 http://www.mozilla.org/security/announce/2006/mfsa2006-08.html http://www.securityfocus.com/archive/1/446657/100/200/threaded http://www.securityfocus.com/bid/16476 http://www.vupen.com/english/advisories/2006/0413 http://www.vupen.com/english/advisories/2006/3749 https://bugzilla.mozilla.org/show_bug.cgi?id=322312 https://exc •

CVSS: 5.8EPSS: 72%CPEs: 4EXPL: 1

CVE-2006-0298

https://notcve.org/view.php?id=CVE-2006-0298

The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read. • http://secunia.com/advisories/18700 http://secunia.com/advisories/18704 http://secunia.com/advisories/22065 http://securitytracker.com/id?1015570 http://www.mozilla.org/security/announce/2006/mfsa2006-07.html http://www.securityfocus.com/archive/1/446657/100/200/threaded http://www.securityfocus.com/bid/16476 http://www.vupen.com/english/advisories/2006/0413 http://www.vupen.com/english/advisories/2006/3749 https://exchange.xforce.ibmcloud.com/vulnerabilities/24436 https://ova • CWE-20: Improper Input Validation •

CVSS: 5.1EPSS: 93%CPEs: 5EXPL: 0

CVE-2006-0297

https://notcve.org/view.php?id=CVE-2006-0297

Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas. • http://secunia.com/advisories/18700 http://secunia.com/advisories/18704 http://secunia.com/advisories/22065 http://securitytracker.com/id?1015570 http://www.mozilla.org/security/announce/2006/mfsa2006-06.html http://www.securityfocus.com/archive/1/446657/100/200/threaded http://www.securityfocus.com/bid/16476 http://www.vupen.com/english/advisories/2006/0413 http://www.vupen.com/english/advisories/2006/3749 https://bugzilla.mozilla.org/show_bug.cgi?id=319872 https://bug •

CVSS: 5.0EPSS: 96%CPEs: 21EXPL: 0

CVE-2006-0296

https://notcve.org/view.php?id=CVE-2006-0296

The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://secunia.com/advisories/18700 http://secunia.com/advisories/18703 http://secunia.com/advisories/18704 http://secunia.com/advisories/18705 http://secunia.com/advisories/18706 http://secunia.com/advisories/18708 http://secunia.com/advisories/18709 http://secunia.com/advisories/19230 http://secunia.com/advisories/19746 http:/&#x •