Vulnerabilities > Mozilla > Mozilla > 1.4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-08-18 | CVE-2004-0762 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. | 5.0 |
2004-08-18 | CVE-2004-0761 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted. | 5.0 |
2004-08-18 | CVE-2004-0757 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code. | 10.0 |
2004-08-06 | CVE-2004-0648 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol. | 10.0 |
2004-04-15 | CVE-2003-0594 | Unspecified vulnerability in Mozilla Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. | 7.5 |
2004-03-15 | CVE-2004-0191 | Cross-Site Scripting vulnerability in Mozilla Browser Zombie Document Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events. network mozilla | 6.8 |