CVSS: 10.0EPSS: 32%CPEs: 56EXPL: 1CVE-2009-3373 – Mozilla Firefox 3.5.3 / SeaMonkey 1.1.17 - 'libpr0n' .GIF Parser Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-3373
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en memoria dinámica en el parseador de imágenes GIF en Mozilla Firefox anteriores a v3.0.15 y v3.5.x anteriores a v3.5.4, y SeaMonkey anteriores a v2.0, permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. • https://www.exploit-db.com/exploits/33313 http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.mandriva.com/security/advisories?name=MDVSA-2009:294 http://www.mozilla.org/security/announce/2009/mfsa2009-56.html http://www.vupen.com/english/advisories/2009/3334 https://bugzilla.mozilla.org/show_bug.cgi?id=511689 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10684 https://oval.cisecurity.org/repository/search/definition/oval&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 4.3EPSS: 0%CPEs: 60EXPL: 2CVE-2009-3014
https://notcve.org/view.php?id=CVE-2009-3014
Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and earlier do not properly handle javascript: URIs in HTML links within 302 error documents sent from web servers, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Location HTTP response header or (2) specifying the content of a Location HTTP response header. Mozilla Firefox v3.0.13 y anteriores, v3.5, v3.6 a1 pre, y v3.7 a1 pre; SeaMonkey v1.1.17; y Mozilla v1.7.x y anteriores no manejan de forma adecuada las URIs javascript en los enlaces HTML incluidos en los documentos de error 302 enviados desde servidores web, lo que permite a atacantes remotos asistidos por usuarios realizar un ataque de ejecución de secuencias de comandos en sitios cruzados (XSS) a través de vectores relativos a (1) inyectar una cabecera Location de respuesta HTTP o (2) especificando el contenidos de una cabecera Location de respuesta HTTP. • http://websecurity.com.ua/3373 http://websecurity.com.ua/3386 http://www.securityfocus.com/archive/1/506163/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/52995 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 79EXPL: 0CVE-2008-6961
https://notcve.org/view.php?id=CVE-2008-6961
mailnews in Mozilla Thunderbird before 2.0.0.18 and SeaMonkey before 1.1.13, when JavaScript is enabled in mail, allows remote attackers to obtain sensitive information about the recipient, or comments in forwarded mail, via script that reads the (1) .documentURI or (2) .textContent DOM properties. mailnews en Mozilla Thunderbird anteriores a v2.0.0.18 y SeaMonkey anteriores a v1.1.13, cuando JavaScript es habilita en correo electrónico, permite a los atacantes remotos obtener información sensible acerca del recipiente, o comentarios en correos re-enviados, a través de una secuencia de comando que lee las propiedades (1) .documentURI or (2) .textContent DOM • http://secunia.com/advisories/32714 http://secunia.com/advisories/32715 http://www.mozilla.org/security/announce/2008/mfsa2008-59.html http://www.securityfocus.com/bid/32363 http://www.securitytracker.com/id?1021247 https://bugzilla.mozilla.org/show_bug.cgi?id=458883 https://exchange.xforce.ibmcloud.com/vulnerabilities/46734 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2009-2408 – firefox/nss: doesn't handle NULL in Common Name properly
https://notcve.org/view.php?id=CVE-2009-2408
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5. Mozilla Firefox anterior a v3.5 y NSS anterior a v3.12.3 no tratan apropiadamente un carácter '\0' en un nombre de dominio en el campo nombre común (CN) del asunto de un certificado X.509, que permite a un atacante de hombre-en-el-medio suplantar servidores SSL arbitrarios a través de un certificado manipulado por una autoridad de certificación. • http://isc.sans.org/diary.html?storyid=7003 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html http://marc.info/?l=oss-security&m=125198917018936&w=2 http://osvdb.org/56723 http://secunia.com/advisories/36088 http://secunia.com/advisories/36125 http://secunia.com/advisories/36139 http://secunia.com/advisories/36157 http://secunia.com/advisories/36434 http://secunia.com/advisories/36669 http://secunia.com/advisories/37098 http://sunsolve.sun.com • CWE-295: Improper Certificate Validation •
CVSS: 5.0EPSS: 3%CPEs: 185EXPL: 2CVE-2009-2535 – Multiple Browsers - Denial of Service
https://notcve.org/view.php?id=CVE-2009-2535
Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and Thunderbird allow remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. Mozilla Firefox anteriores a v2.0.0.19 y v3.x anteriores a v3.0.5, SeaMonkey y Thunderbird permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y colgado de la aplicación) mediante un valor entero grande en la propiedad "length" de un objeto "Select", siendo un asunto relacionado con CVE-2009-1692. • https://www.exploit-db.com/exploits/9160 http://www.exploit-db.com/exploits/9160 http://www.g-sec.lu/one-bug-to-rule-them-all.html http://www.securityfocus.com/archive/1/504969/100/0/threaded http://www.securityfocus.com/archive/1/504988/100/0/threaded http://www.securityfocus.com/archive/1/504989/100/0/threaded http://www.securityfocus.com/archive/1/505006/100/0/threaded https://bugzilla.mozilla.org/show_bug.cgi?id=460713 • CWE-189: Numeric Errors •