CVSS: 8.1EPSS: 6%CPEs: 6EXPL: 3CVE-2006-2894 – Mozilla Firefox 1.x - JavaScript Key Filtering
https://notcve.org/view.php?id=CVE-2006-2894
07 Jun 2006 — Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the ... • https://www.exploit-db.com/exploits/27987 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 1%CPEs: 6EXPL: 1CVE-2006-2613 – Mandriva Linux Security Advisory 2006.143
https://notcve.org/view.php?id=CVE-2006-2613
26 May 2006 — Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1, and possibly other versions and products, allows remote user-assisted attackers to obtain information such as the installation path by causing exceptions to be thrown and checking the message contents. A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program. • http://secunia.com/advisories/20244 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 26%CPEs: 30EXPL: 0CVE-2006-1737 – Ubuntu Security Notice 276-1
https://notcve.org/view.php?id=CVE-2006-1737
14 Apr 2006 — Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression. A large number of mozilla-thunderbird related vulnerabilities have been patched for Ubuntu. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 29%CPEs: 29EXPL: 0CVE-2006-1738 – Ubuntu Security Notice 276-1
https://notcve.org/view.php?id=CVE-2006-1738
14 Apr 2006 — Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles. A large number of mozilla-thunderbird related vulnerabilities have been patched for Ubuntu. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •
CVSS: 6.5EPSS: 2%CPEs: 30EXPL: 0CVE-2006-1740
https://notcve.org/view.php?id=CVE-2006-1740
14 Apr 2006 — Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •
CVSS: 9.8EPSS: 14%CPEs: 30EXPL: 0CVE-2006-1742
https://notcve.org/view.php?id=CVE-2006-1742
14 Apr 2006 — The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •
CVSS: 9.8EPSS: 1%CPEs: 30EXPL: 0CVE-2006-1736
https://notcve.org/view.php?id=CVE-2006-1736
14 Apr 2006 — Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is ... • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •
CVSS: 9.8EPSS: 40%CPEs: 4EXPL: 0CVE-2006-0749 – Mozilla Firefox Tag Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2006-0749
14 Apr 2006 — nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Mozilla/Firefox web browser and Thunderbird e-mail client. User inte... • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 27%CPEs: 7EXPL: 0CVE-2006-1724 – Debian Linux Security Advisory 1051-1
https://notcve.org/view.php?id=CVE-2006-1724
14 Apr 2006 — Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML. Several security related problems have been discovered in Mozilla Thunderbird. This advisory addresses those issues. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •
CVSS: 9.8EPSS: 5%CPEs: 9EXPL: 0CVE-2006-1727 – Debian Linux Security Advisory 1051-1
https://notcve.org/view.php?id=CVE-2006-1727
14 Apr 2006 — Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview". Several security related problems have been discovered in Mozilla Thunderbird. This advisory addresses those issues. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •