Vulnerabilities > Mozilla > Seamonkey > 1.1.18

DATE CVE VULNERABILITY TITLE RISK
2009-10-29 CVE-2009-3373 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox and Seamonkey
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
mozilla CWE-119
critical
 10.0
10
2009-10-29 CVE-2009-3372 Unspecified vulnerability in Mozilla Firefox and Seamonkey
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.
network
mozilla
critical
 9.3
9.3
2009-07-30 CVE-2009-2408 Improper Certificate Validation vulnerability in multiple products
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
network
high complexity
mozilla suse opensuse debian canonical CWE-295
5.9
5.9
2009-01-20 CVE-2008-5913 Information Disclosure vulnerability in Multiple Browser JavaScript Engine 'Math.Random()' Cross Domain
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack."
network
mozilla
4.9
4.9
2006-12-20 CVE-2006-6497 Remote vulnerability in Mozilla Firefox, Seamonkey and Thunderbird
Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown attack vectors.
network
mozilla
6.8
6.8