Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 358 results


CVE-2013-6167

Low priority
Ignored

Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a...

4 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Ignored
seamonkey Not in release
thunderbird Ignored
xulrunner-1.9.2 Not in release
Show less packages

CVE-2013-1697

Medium priority

Some fixes available 6 of 10

The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls,...

4 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
thunderbird
xulrunner-1.9.2
Show less packages

CVE-2013-1694

Medium priority

Some fixes available 6 of 10

The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which...

4 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
thunderbird
xulrunner-1.9.2
Show less packages

CVE-2013-1693

Low priority

Some fixes available 6 of 10

The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the...

4 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
thunderbird
xulrunner-1.9.2
Show less packages

CVE-2013-1692

Medium priority

Some fixes available 6 of 10

Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for...

4 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
thunderbird
xulrunner-1.9.2
Show less packages

CVE-2013-1690

Medium priority

Some fixes available 6 of 10

Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows...

4 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
thunderbird
xulrunner-1.9.2
Show less packages

CVE-2013-1687

Medium priority

Some fixes available 6 of 10

The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly...

4 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
thunderbird
xulrunner-1.9.2
Show less packages

CVE-2013-1686

Medium priority

Some fixes available 6 of 10

Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute...

4 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
thunderbird
xulrunner-1.9.2
Show less packages

CVE-2013-1685

Medium priority

Some fixes available 6 of 10

Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to...

4 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
thunderbird
xulrunner-1.9.2
Show less packages

CVE-2013-1684

Medium priority

Some fixes available 6 of 10

Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before...

4 affected packages

firefox, seamonkey, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
thunderbird
xulrunner-1.9.2
Show less packages