Vulnerabilities > Mozilla > Thunderbird > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-09-12 | CVE-2007-4841 | Improper Input Validation vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845. | 9.3 |
2007-07-18 | CVE-2007-3734 | Remote vulnerability in Mozilla Firefox and Thunderbird Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption. | 9.3 |
2007-07-18 | CVE-2007-3735 | Remote vulnerability in Mozilla Firefox and Thunderbird Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption. | 9.3 |
2007-06-01 | CVE-2007-2867 | Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues. | 9.3 |
2007-06-01 | CVE-2007-2868 | Code Injection vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption. | 9.3 |
2007-03-06 | CVE-2007-1282 | Integer Overflow vulnerability in Mozilla Seamonkey and Thunderbird Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line. | 9.3 |
2007-02-26 | CVE-2007-0776 | Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file. | 9.3 |
2007-02-26 | CVE-2007-0777 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption. | 9.3 |
2006-09-15 | CVE-2006-4571 | Remote vulnerability in Mozilla Seamonkey and Thunderbird Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and possibly large images or plugin data. | 10.0 |
2006-09-15 | CVE-2006-4565 | Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a "minimal quantifier." | 9.3 |