CVSS: 5.0 | EPSS: 11% | CPEs: 24 | EXPL: 2

Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag.

• https://www.exploit-db.com/exploits/25221
• http://marc.info/?l=full-disclosure&m=111073068631287&w=2
• http://secunia.com/advisories/14568
• http://securitytracker.com/id?1013423
• http://www.osvdb.org/14885
• http://www.securityfocus.com/bid/12798
• http://www.vupen.com/english/advisories/2005/0260
• https://exchange.xforce.ibmcloud.com/vulnerabilities/19540

CVSS: 6.4 | EPSS: 0% | CPEs: 79 | EXPL: 0

Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site.

• http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0123.html
• http://www.securityfocus.com/bid/15331
• https://exchange.xforce.ibmcloud.com/vulnerabilities/25291

CVSS: 5.0 | EPSS: 3% | CPEs: 2 | EXPL: 5

Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes and a corresponding large number of function calls on the stack.

• https://www.exploit-db.com/exploits/26325
• http://secunia.com/advisories/17071
• http://security-protocols.com/modules.php?name=News&file=article&sid=2978
• http://securitytracker.com/id?1015011
• http://www.security-protocols.com/advisory/sp-x19-advisory.txt
• http://www.securityfocus.com/bid/15015
• https://bugzilla.mozilla.org/show_bug.cgi?id=303433

CVSS: 5.0 | EPSS: 96% | CPEs: 11 | EXPL: 1

Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allow remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.

• https://www.exploit-db.com/exploits/26762
• ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
• ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
• http://marc.info/?l=full-disclosure&m=113404911919629&w=2
• http://marc.info/?l=full-disclosure&m=113405896025702&w=2
• http://secunia.com/advisories/17934
• http://secunia.com/advisories/17944
• http://secunia.com/advisories/17946
• http://secunia.com/advisories/18700
• http://secunia.com/advisori

CVSS: 2.6 | EPSS: 9% | CPEs: 7 | EXPL: 0

Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability.

• http://secunia.com/advisories/16977
• http://securitytracker.com/id?1014949
• http://www.mozilla.org/products/firefox/releases/1.0.7.html
• http://www.osvdb.org/19615
• http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
• http://www.securityfocus.com/bid/14924
• https://bugzilla.mozilla.org/show_bug.cgi?id=302100
• https://exchange.xforce.ibmcloud.com/vulnerabilities/22371
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9280