Vulnerabilities > Mozilla
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-08-18 | CVE-2004-0765 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates. | 7.5 |
2004-08-18 | CVE-2004-0764 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. | 10.0 |
2004-08-18 | CVE-2004-0763 | Unspecified vulnerability in Mozilla Firefox 0.9.1/0.9.2 Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method. | 5.0 |
2004-08-18 | CVE-2004-0762 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. | 5.0 |
2004-08-18 | CVE-2004-0761 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted. | 5.0 |
2004-08-18 | CVE-2004-0760 | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI. | 6.4 |
2004-08-18 | CVE-2004-0759 | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag. | 6.4 |
2004-08-18 | CVE-2004-0758 | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid. | 5.0 |
2004-08-18 | CVE-2004-0757 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code. | 10.0 |
2004-08-18 | CVE-2004-0722 | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code. | 10.0 |