CVE search results

141 – 150 of 226 results

Detailed view

Sort by:

CVE-2009-0040

Medium priority

Some fixes available 15 of 31

The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute...

12 affected packages

firefox, firefox-3.0, firefox-3.5, iceape, icedove...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
iceape	—	—	—	—	—
icedove	—	—	—	—	—
libpng	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

CVE-2009-0358

Low priority

Some fixes available 4 of 6

Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of...

7 affected packages

firefox, firefox-3.0, iceape, iceweasel, seamonkey...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
iceweasel	—	—	—	—	—
seamonkey	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2009-0356

Medium priority

Not affected

Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and...

7 affected packages

firefox, firefox-3.0, iceape, iceweasel, seamonkey...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
iceweasel	—	—	—	—	—
seamonkey	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2009-0354

Low priority

Some fixes available 4 of 6

Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS)...

7 affected packages

firefox, firefox-3.0, iceape, iceweasel, seamonkey...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
iceweasel	—	—	—	—	—
seamonkey	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2009-0353

Medium priority

Some fixes available 7 of 13

Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly...

10 affected packages

firefox, firefox-3.0, iceape, icedove, iceweasel...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
icedove	—	—	—	—	—
iceweasel	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2009-0352

Medium priority

Some fixes available 14 of 18

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or...

10 affected packages

firefox, firefox-3.0, iceape, icedove, iceweasel...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
icedove	—	—	—	—	—
iceweasel	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2009-0253

Low priority

Ignored

Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack.

10 affected packages

firefox, firefox-3.0, iceape, icedove, iceweasel...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
icedove	—	—	—	—	—
iceweasel	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2008-5715

Negligible priority

Ignored

Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to cause a denial of service (application crash) via JavaScript code with a long string value for the hash property (aka location.hash). NOTE: it was later reported...

7 affected packages

firefox, firefox-3.0, iceape, iceweasel, seamonkey...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
iceape	—	—	—	—	—
iceweasel	—	—	—	—	—
seamonkey	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2008-5505

Medium priority

Some fixes available 4 of 6

Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.

2 affected packages

firefox-3.0, xulrunner-1.9

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2008-5513

Medium priority

Some fixes available 15 of 19

Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with...

4 affected packages

firefox, firefox-3.0, xulrunner, xulrunner-1.9

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports