CVE search results

61 – 70 of 358 results

Detailed view

Sort by:

CVE-2012-4214

Medium priority

Some fixes available 8 of 15

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4213

Medium priority

Some fixes available 8 of 15

Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4212

Medium priority

Some fixes available 8 of 15

Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4210

Medium priority

Some fixes available 4 of 11

The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4209

Medium priority

Some fixes available 8 of 15

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4208

Medium priority

Some fixes available 8 of 15

The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4207

Medium priority

Some fixes available 8 of 15

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4205

Medium priority

Some fixes available 8 of 15

Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4204

Medium priority

Some fixes available 8 of 15

The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2012-4203

Medium priority

Some fixes available 4 of 11

The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a...

5 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2, xulrunner-2.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports