CVE search results

131 – 140 of 541 results

Detailed view

Sort by:

CVE-2012-1956

Medium priority

Some fixes available 14 of 24

Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-1967

Medium priority

Some fixes available 8 of 18

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-1966

Medium priority

Some fixes available 4 of 14

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-1965

Medium priority

Some fixes available 4 of 14

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS)...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-1964

Medium priority

Some fixes available 8 of 18

The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-1963

Medium priority

Some fixes available 8 of 18

The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-1962

Low priority

Some fixes available 8 of 18

Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-1961

Low priority

Some fixes available 8 of 18

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers,...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-1960

Low priority

Some fixes available 8 of 18

The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-1959

Medium priority

Some fixes available 8 of 18

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports