Page 14 of 69 results (0.052 seconds)

CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. Mozilla anteriores a 1.7, Firefox anteriores a 0.9, y Thunderbird anteriores a 0.7, permiten a sitios web remotos secuestrar el interfaz del usuario mediante la bandera "chrome" y ficheros de Interfaz de Usuario XML (XUL). • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://bugzilla.mozilla.org/show_bug.cgi?id=244965 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://secunia.com/advisories/12188 http://www.kb.cert.org/vuls/id/262350 http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7 http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.redhat.com/support/errata/RHSA-2004-421.html http://www.secur •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted. Mozilla anteriores a 1.7, Firefox anteriores a 0.9, y Thunderbird anteriores a 0.7 permiten a atacantes remotos usar ciertas secuencias de redirección para suplantar el icono de la cerradura de seguridad que se muestra cuando una página está cifrada. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://bugzilla.mozilla.org/show_bug.cgi?id=240053 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7 http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.redhat.com/support/errata/RHSA-2004-421.html http://www.securityfocus.com/bid/15495 https://exchange.xforce.ibmcloud.com/vulnerabilities/16871 https:& •

CVSS: 10.0EPSS: 7%CPEs: 3EXPL: 1

Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol. Mozilla (suite) anteriores a 1.7.1 y Firefox anteriores a 0.9.2, y Thunderbird anteriores a 0.7.2 permiten a atacantes remotos lanzar programas arbitrarios mediante una URI referenciando el protocolo shell: • https://www.exploit-db.com/exploits/24263 http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023573.html http://marc.info/?l=bugtraq&m=108938712815719&w=2 http://secunia.com/advisories/12027 http://www.ciac.org/ciac/bulletins/o-175.shtml http://www.kb.cert.org/vuls/id/927014 http://www.mozilla.org/projects/security/known-vulnerabilities.html http://www.mozilla.org/security/shell.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16655 •

CVSS: 6.8EPSS: 1%CPEs: 32EXPL: 1

Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events. Mozilla 1.4.2 ejecuta eventos de Javascript en el contexto de una nueva página mientras se está cargando, permitiéndolo interactuar con la página anterior ("documento zombi") y posibilitando ataques de secuencias de comandos en sitios cruzados (XSS), como se ha demostrado usando eventos onmousemove. • http://bugzilla.mozilla.org/show_bug.cgi?id=227417 http://marc.info/?l=bugtraq&m=107774710729469&w=2 http://marc.info/?l=bugtraq&m=108448379429944&w=2 http://www.osvdb.org/4062 http://www.redhat.com/support/errata/RHSA-2004-110.html http://www.redhat.com/support/errata/RHSA-2004-112.html http://www.securityfocus.com/bid/9747 https://exchange.xforce.ibmcloud.com/vulnerabilities/15322 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A874 •