Page 440 of 2282 results (0.018 seconds)

CVSS: 5.0EPSS: 3%CPEs: 12EXPL: 0

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://secunia.com/advisories/16911 http://secunia.com/advisories/16917 http://secunia.com/advisories/16977 http://secunia.com/advisories/17014 http://secunia.com/advisories/17026 http://secunia.com/advisories/17042 http://secunia.com/advisories/17090 http://secunia.com/advisories/17149 http://secunia.com/advisories/17263 http://secunia.com/advisories/17284 http://securitytracker.com/id?1014954 http •

CVSS: 7.5EPSS: 92%CPEs: 12EXPL: 0

Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://secunia.com/advisories/16911 http://secunia.com/advisories/16917 http://secunia.com/advisories/16977 http://secunia.com/advisories/17014 http://secunia.com/advisories/17026 http://secunia.com/advisories/17042 http://secunia.com/advisories/17090 http://secunia.com/advisories/17149 http://secunia.com/advisories/17263 http://secunia.com/advisories/17284 http://securitytracker.com/id?1014954 http •

CVSS: 7.5EPSS: 89%CPEs: 12EXPL: 0

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://secunia.com/advisories/16911 http://secunia.com/advisories/16917 http://secunia.com/advisories/16977 http://secunia.com/advisories/17014 http://secunia.com/advisories/17026 http://secunia.com/advisories/17042 http://secunia.com/advisories/17090 http://secunia.com/advisories/17149 http://secunia.com/advisories/17263 http://secunia.com/advisories/17284 http://securitytracker.com/id?1014954 http •

CVSS: 7.5EPSS: 96%CPEs: 2EXPL: 1

Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash. • https://www.exploit-db.com/exploits/26288 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://secunia.com/advisories/16869 http://secunia.com/advisories/17042 http://secunia.com/advisories/17090 http://secunia.com/advisories/17149 http://secunia.com/advisories/17263 http://secunia.com/advisories/17284 http://www.debian.org/security/2005/dsa-866 http://www.debian.org/security/2005/dsa-868 http://www.kb.cert.org/vuls/id/914681 http& •

CVSS: 7.5EPSS: 96%CPEs: 8EXPL: 3

Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec. • https://www.exploit-db.com/exploits/1224 http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0316.html http://marc.info/?l=full-disclosure&m=112624614008387&w=2 http://secunia.com/advisories/16764 http://secunia.com/advisories/16766 http://secunia.com/advisories/16767 http://secunia.com/advisories/17042 http://secunia.com/advisories/17090 http://secunia.com/advisories/17263 http://secunia.com/advisories/17284 http://securityreason.com/securityalert/83 http://security •