seamonkey software vulnerabilities
vulnerabilities.aspcode.net
Searching seamonkey software vulnerabilities
Mozilla Firefox before 1.5.0.1, Thunderbird 1.5
Firefox
|
Mozilla
|
before
|
Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory.
Mozilla Firefox 1.5, Thunderbird 1.5 if Javascr
QueryInterface
|
Thunderbird
|
Javascript
|
corruption
|
SeaMonkey
|
arbitrary
|
attackers
|
Navigator
|
Location
|
built-in
|
objects
|
execute
|
Firefox
|
enabled
|
Mozilla
|
before
|
memory
|
method
|
remote
|
leads
|
which
|
might
|
allow
|
mail
|
code
|
via
|
Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption.
Multiple integer overflows in Mozilla Firefox 1
Thunderbird
|
Javascript
|
SeaMonkey
|
arbitrary
|
attackers
|
overflows
|
Multiple
|
execute
|
integer
|
Firefox
|
Mozilla
|
enabled
|
remote
|
before
|
might
|
allow
|
code
|
mail
|
via
|
Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas.
The XML parser in Mozilla Firefox before 1.5.0.
Mozilla
|
Firefox
|
before
|
parser
|
XML
|
The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read.
The E4X implementation in Mozilla Firefox befor
implementation
|
Firefox
|
Mozilla
|
before
|
E4X
|
The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.
Mozilla Firefox and Thunderbird 1.x before 1.5.
Thunderbird
|
Firefox
|
Mozilla
|
before
|
Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index.
nsHTMLContentSink.cpp in Mozilla Firefox and Th
nsHTMLContentSinkcpp
|
Thunderbird
|
Firefox
|
Mozilla
|
before
|
10x
|
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption.
Unspecified vulnerability in Firefox and Thunde
vulnerability
|
Thunderbird
|
Unspecified
|
Firefox
|
before
|
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.
Unspecified vulnerability in Mozilla Firefox be
vulnerability
|
Unspecified
|
Firefox
|
Mozilla
|
before
|
Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to execute arbitrary code by using the nsISelectionPrivate interface of the Selection object to add a SelectionListener and create notifications that are executed in a privileged context.
Double-free vulnerability in nsVCard.cpp in Moz
vulnerability
|
Thunderbird
|
Double-free
|
nsVCardcpp
|
Mozilla
|
before
|
Double-free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonke
Firefox
|
Mozilla
|
before
|
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code.
Mozilla Firefox before 1.5.0.5 and SeaMonkey be
Firefox
|
Mozilla
|
before
|
Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object.
Mozilla Firefox before 1.5.0.5, Thunderbird bef
Firefox
|
Mozilla
|
before
|
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.
Mozilla Firefox before 1.5.0.5, Thunderbird bef
Firefox
|
Mozilla
|
before
|
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links.
Mozilla Firefox before 1.5.0.7 and SeaMonkey be
Firefox
|
Mozilla
|
before
|
Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other attacks.
Unspecified vulnerability in Mozilla Firefox be
vulnerability
|
Unspecified
|
Firefox
|
Mozilla
|
before
|
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object while it is executing.
Multiple unspecified vulnerabilities in the lay
vulnerabilities
|
unspecified
|
Multiple
|
Firefox
|
Mozilla
|
before
|
layout
|
engine
|
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) via unspecified vectors.
Unspecified vulnerability in Mozilla Firefox be
vulnerability
|
Unspecified
|
Firefox
|
Mozilla
|
before
|
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function.
Unspecified vulnerability in Mozilla Firefox 2.
vulnerability
|
Unspecified
|
Firefox
|
Mozilla
|
before
|
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.
Mozilla Firefox before 1.5.0.10 and 2.x before
Firefox
|
Mozilla
|
before
|
Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
Software vulnerabilities results 1 to 20 of 92
Page:
1
2
3
4
5
►