Vulnerabilities > Mozilla
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-14 | CVE-2006-1723 | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. | 7.5 |
2006-04-14 | CVE-2006-1531 | Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. | 7.5 |
2006-04-14 | CVE-2006-1530 | Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. | 7.5 |
2006-04-14 | CVE-2006-1529 | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. | 7.5 |
2006-04-14 | CVE-2006-0749 | Resource Management Errors vulnerability in Mozilla products nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption. | 9.3 |
2006-04-14 | CVE-2006-0748 | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index. | 9.3 |
2006-04-06 | CVE-2006-1650 | Denial-Of-Service vulnerability in Mozilla Firefox 1.5.0.1 Firefox 1.5.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. | 5.0 |
2006-03-07 | CVE-2006-1045 | Remote Information Disclosure vulnerability in Mozilla Thunderbird 1.5 The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed. | 2.6 |
2006-02-28 | CVE-2006-0916 | Information Disclosure vulnerability in Bugzilla User Credentials Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes the user's browser to send the form data to another domain. | 7.5 |
2006-02-28 | CVE-2006-0915 | Unspecified vulnerability in Mozilla Bugzilla 2.16.10 Bugzilla 2.16.10 does not properly handle certain characters in the (1) maxpatchsize and (2) maxattachmentsize parameters in attachment.cgi, which allows remote attackers to trigger a SQL error. | 7.5 |