Vulnerabilities > Mozilla > Seamonkey > 2.0.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-12-10 | CVE-2010-3770 | Cross-Site Scripting vulnerability in Mozilla Firefox and Seamonkey Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allow remote attackers to inject arbitrary web script or HTML via (1) x-mac-arabic, (2) x-mac-farsi, or (3) x-mac-hebrew characters that may be converted to angle brackets during rendering. | 4.3 |
| 2010-12-10 | CVE-2010-3769 | Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read. | 9.3 |
| 2010-12-10 | CVE-2010-3768 | Improper Input Validation vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules. | 9.3 |
| 2010-12-10 | CVE-2010-3767 | Numeric Errors vulnerability in Mozilla Firefox and Seamonkey Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements. | 9.3 |
| 2010-12-10 | CVE-2010-3766 | Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node. | 9.3 |
| 2010-10-28 | CVE-2010-3765 | Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | 9.3 |
| 2010-10-21 | CVE-2010-3183 | Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function. | 9.3 |
| 2010-10-21 | CVE-2010-3182 | Local Privilege Escalation vulnerability in Mozilla Firefox, Seamonkey and Thunderbird A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. local mozilla | 6.9 |
| 2010-10-21 | CVE-2010-3181 | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory. local mozilla | 6.9 |
| 2010-10-21 | CVE-2010-3180 | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window. | 9.3 |