Searching thunderbird software vulnerabilities

Mozilla (Suite) before 1.7.1, Firefox before 0.

Mozilla |

Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol.


Heap-based buffer overflow in the SendUidl in t

Thunderbird | capability | Heap-based | arbitrary | overflow | SendUidl | execute | servers | Firefox | Mozilla | remote | buffer | before | allow | code | POP3 | mail | may |

Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.


Mozilla before 1.7, Firefox before 0.9, and Thu

Thunderbird | attackers | sequences | encrypted | redirect | security | certain | Firefox | Mozilla | before | appear | remote | makes | allow | spoof | page | lock | icon | use | web |

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.


Mozilla before 1.7, Firefox before 0.9, and Thu

interactive | Thunderbird | extensions | manipulate | arbitrary | XPInstall | Security | Firefox | Mozilla | install | events | dialog | before | remote | sites | using | allow | box | web |

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.


Mozilla before 1.7, Firefox before 0.9, and Thu

Thunderbird | interface | Language | "chrome" | Mozilla | Firefox | hijack | remote | before | allow | sites | flag | user | XML | via | web |

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.


Mozilla Firefox before the Preview Release, Moz

Release | Preview | Mozilla | Firefox | before |

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.


Mozilla before 1.7, Firefox before 0.9, and Thu

Thunderbird | determine | attackers | obscuring | dragging | location | tricking | Mozilla | Firefox | control | upload | remote | allows | before | user's | drive | files | hard | text | into | file | user |

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control.


Thunderbird 0.6 through 0.9 and Mozilla 1.7 thr

Thunderbird | Mozilla | through |

Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers bypass the user's intended privacy and security policy by using cookies in e-mail messages.


Mozilla Thunderbird 1.0 and Firefox 1.0.6 allow

Thunderbird | Firefox | Mozilla |

Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks.


Mozilla Firefox 1.0.1 and possibly other versio

Firefox | Mozilla |

Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag.


Mozilla Thunderbird 1.5 allows user-assisted at

user-assisted | demonstrated | unspecified | Thunderbird | homePhone | importing | attackers | tricking | Mozilla | address | service | allows | denial | field | cause | book | into | user | LDIF | long | file |

Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by tricking the user into importing an LDIF file with a long field into the address book, as demonstrated by a long homePhone field.


Unspecified vulnerability in Firefox and Thunde

vulnerability | Thunderbird | Unspecified | Firefox | before |

Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.


Mozilla Firefox and Thunderbird before 1.5.0.4

Thunderbird | Firefox | Mozilla | before |

Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL.


Certain privileged UI code in Mozilla Firefox a

Thunderbird | privileged | Firefox | Mozilla | Certain | before | code |

Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended.


The crypto.signText function in Mozilla Firefox

cryptosignText | Thunderbird | function | Firefox | Mozilla | before |

The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.


Integer overflow in Mozilla Firefox and Thunder

Thunderbird | overflow | Firefox | Integer | Mozilla | before |

Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption.


Double-free vulnerability in nsVCard.cpp in Moz

vulnerability | Thunderbird | Double-free | nsVCardcpp | Mozilla | before |

Double-free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.


EvalInSandbox in Mozilla Firefox and Thunderbir

EvalInSandbox | Thunderbird | Firefox | Mozilla | before |

EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.


Mozilla Firefox before 1.5.0.5, Thunderbird bef

Firefox | Mozilla | before |

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.


Mozilla Firefox before 1.5.0.5, Thunderbird bef

Firefox | Mozilla | before |

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links.


Software vulnerabilities results 1 to 20 of 110     
Page: 123456