CVSS: 6.4EPSS: 0%CPEs: 79EXPL: 0CVE-2005-4685
https://notcve.org/view.php?id=CVE-2005-4685
31 Dec 2005 — Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site. • http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0123.html •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2004-1639
https://notcve.org/view.php?id=CVE-2004-1639
26 Oct 2004 — Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows remote attackers to cause a denial of service (application crash or memory consumption) via a large binary file with a .html extension. • http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0017.html •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2003-1265
https://notcve.org/view.php?id=CVE-2003-1265
31 Dec 2003 — Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0277.html •