Vulnerabilities > Mozilla > Mozilla Suite > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-09-23 | CVE-2005-2707 | Unspecified vulnerability in Mozilla Firefox and Mozilla Suite Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks. | 5.0 |
| 2005-09-23 | CVE-2005-2706 | Unspecified vulnerability in Mozilla Firefox and Mozilla Suite Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla. | 6.4 |
| 2005-09-23 | CVE-2005-2704 | Unspecified vulnerability in Mozilla Firefox and Mozilla Suite Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface. | 5.0 |
| 2005-09-23 | CVE-2005-2703 | Code Injection vulnerability in Mozilla Firefox and Mozilla Suite Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting. | 5.0 |