CVSS: 7.5EPSS: 20%CPEs: 47EXPL: 0CVE-2006-2775
https://notcve.org/view.php?id=CVE-2006-2775
Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL. • http://secunia.com/advisories/20376 http://secunia.com/advisories/20382 http://secunia.com/advisories/20561 http://secunia.com/advisories/20709 http://secunia.com/advisories/21176 http://secunia.com/advisories/21178 http://secunia.com/advisories/21183 http://secunia.com/advisories/21188 http://secunia.com/advisories/21210 http://secunia.com/advisories/21324 http://secunia.com/advisories/21532 http://secunia.com/advisories/21607 http://secunia.com/advisories/22065 http:/& • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 41%CPEs: 2EXPL: 0CVE-2006-2778
https://notcve.org/view.php?id=CVE-2006-2778
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow. • http://rhn.redhat.com/errata/RHSA-2006-0609.html http://secunia.com/advisories/20376 http://secunia.com/advisories/20382 http://secunia.com/advisories/20561 http://secunia.com/advisories/20709 http://secunia.com/advisories/21134 http://secunia.com/advisories/21176 http://secunia.com/advisories/21178 http://secunia.com/advisories/21183 http://secunia.com/advisories/21188 http://secunia.com/advisories/21210 http://secunia.com/advisories/21269 http://secunia.com/advisories&#x •
CVSS: 7.5EPSS: 50%CPEs: 25EXPL: 0CVE-2006-2777
https://notcve.org/view.php?id=CVE-2006-2777
Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to execute arbitrary code by using the nsISelectionPrivate interface of the Selection object to add a SelectionListener and create notifications that are executed in a privileged context. • http://secunia.com/advisories/20376 http://secunia.com/advisories/20394 http://secunia.com/advisories/20561 http://secunia.com/advisories/21176 http://secunia.com/advisories/21178 http://secunia.com/advisories/21183 http://secunia.com/advisories/21188 http://secunia.com/advisories/21324 http://secunia.com/advisories/21532 http://secunia.com/advisories/22066 http://securitytracker.com/id?1016202 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1 http://www& •
CVSS: 7.5EPSS: 75%CPEs: 47EXPL: 0CVE-2006-2776
https://notcve.org/view.php?id=CVE-2006-2776
Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended. • http://rhn.redhat.com/errata/RHSA-2006-0609.html http://secunia.com/advisories/20376 http://secunia.com/advisories/20382 http://secunia.com/advisories/20561 http://secunia.com/advisories/20709 http://secunia.com/advisories/21134 http://secunia.com/advisories/21176 http://secunia.com/advisories/21178 http://secunia.com/advisories/21183 http://secunia.com/advisories/21188 http://secunia.com/advisories/21210 http://secunia.com/advisories/21269 http://secunia.com/advisories&#x •
CVSS: 5.0EPSS: 59%CPEs: 1EXPL: 2CVE-2006-2723 – Mozilla Firefox 1.5.0.4 - 'marquee' Denial of Service
https://notcve.org/view.php?id=CVE-2006-2723
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified. • https://www.exploit-db.com/exploits/1867 http://www.securityfocus.com/archive/1/435373/100/0/threaded http://www.securityfocus.com/archive/1/435411/100/0/threaded http://www.securityfocus.com/archive/1/435882/100/0/threaded http://www.securityfocus.com/archive/1/436268/100/0/threaded http://www.securityfocus.com/bid/18165 https://exchange.xforce.ibmcloud.com/vulnerabilities/26898 •