Seamonkey

seamonkey

Vendor: Mozilla • 704 CVEs

CVEs (704)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-0994 2Debian Mozilla 3Debian Linux FirefoxSeamonkey Apr 23, 2026 Mar 6, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail...Show more A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.Show less
CVE-2007-0996 1Mozilla 2Firefox Seamonkey Apr 23, 2026 Feb 27, 2007 N/A· v4 N/A· v3 5.8 MEDIUM· v2 The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XS...Show more The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.Show less
CVE-2007-0780 2Canonical Mozilla 3Firefox SeamonkeyUbuntu Linux Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS...Show more browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.Show less
CVE-2007-0779 1Mozilla 2Firefox Seamonkey Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 6.4 MEDIUM· v2 GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security in...Show more GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.Show less
CVE-2007-0778 3Canonical DebianMozilla 4Debian Linux FirefoxSeamonkey+1 more Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 5.4 MEDIUM· v2 The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote a...Show more The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.Show less
CVE-2007-0009 3Canonical DebianMozilla 6Debian Linux FirefoxNetwork Security Services+3 more Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, a...Show more Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.Show less
CVE-2007-0008 1Mozilla 4Firefox Network Security ServicesSeamonkey+1 more Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain...Show more Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow.Show less
CVE-2007-0995 1Mozilla 2Firefox Seamonkey Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular exp...Show more Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.Show less
CVE-2007-0777 2Canonical Mozilla 4Firefox SeamonkeyThunderbird+1 more Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute a...Show more The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.Show less
CVE-2007-0776 1Mozilla 3Firefox SeamonkeyThunderbird Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stro...Show more Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file.Show less
CVE-2007-0775 1Mozilla 3Firefox SeamonkeyThunderbird Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 3.7 LOW· v2 Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of ser...Show more Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.Show less
CVE-2007-1095 1Mozilla 2Firefox Seamonkey Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the...Show more Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.Show less
CVE-2007-1092 1Mozilla 2Firefox Seamonkey Apr 23, 2026 Feb 26, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption d...Show more Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects.Show less
CVE-2007-0981 1Mozilla 2Firefox Seamonkey Apr 23, 2026 Feb 16, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a...Show more Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.Show less
CVE-2006-6505 1Mozilla 2Seamonkey Thunderbird Apr 23, 2026 Dec 20, 2006 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2)...Show more Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2) long RFC2047-encoded (MIME non-ASCII) headers.Show less
CVE-2006-6504 2Canonical Mozilla 3Firefox SeamonkeyUbuntu Linux Apr 23, 2026 Dec 20, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memo...Show more Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.Show less
CVE-2006-6503 3Canonical DebianMozilla 5Debian Linux FirefoxSeamonkey+2 more Apr 23, 2026 Dec 20, 2006 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an...Show more Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI.Show less
CVE-2006-6502 1Mozilla 3Firefox SeamonkeyThunderbird Apr 23, 2026 Dec 20, 2006 N/A· v4 N/A· v3 7.1 HIGH· v2 Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial o...Show more Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown vectors.Show less
CVE-2006-6501 3Canonical DebianMozilla 5Debian Linux FirefoxSeamonkey+2 more Apr 23, 2026 Dec 20, 2006 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the...Show more Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.Show less
CVE-2006-6500 3Canonical DebianMozilla 5Debian Linux FirefoxSeamonkey+2 more Apr 23, 2026 Dec 20, 2006 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly exe...Show more Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap.Show less

Previous 1...313233...36 Next