CVE-2007-5959
- EPSS 5.44%
- Veröffentlicht 26.11.2007 23:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:07
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption.
CVE-2007-5960
- EPSS 1.47%
- Veröffentlicht 26.11.2007 23:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:07
Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer...
CVE-2007-5947
- EPSS 2.71%
- Veröffentlicht 14.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:05
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inner URL, which allows remot...
CVE-2007-5896
- EPSS 1.17%
- Veröffentlicht 08.11.2007 20:46:00
- Zuletzt bearbeitet 16.06.2026 22:46:59
Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (\x00) and a (1) res://, (2) about:config, or (3) fi...
CVE-2007-5691
- EPSS 1.13%
- Veröffentlicht 29.10.2007 19:46:00
- Zuletzt bearbeitet 16.06.2026 22:46:38
ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP servers to cause a denial of service (application crash) via a crafted reply to an unspecified listing command, related to "reading from invalid pointer."
CVE-2007-5335
- EPSS 1.29%
- Veröffentlicht 24.10.2007 00:46:00
- Zuletzt bearbeitet 16.06.2026 22:45:54
Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain sensitive system information by using the addMicrosummaryGenerator sidebar method to access file: URIs.
CVE-2007-5334
- EPSS 3.02%
- Veröffentlicht 21.10.2007 20:17:00
- Zuletzt bearbeitet 16.06.2026 22:45:54
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attr...
CVE-2007-5337
- EPSS 2.44%
- Veröffentlicht 21.10.2007 20:17:00
- Zuletzt bearbeitet 16.06.2026 22:45:55
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the tar...
CVE-2007-5338
- EPSS 3.15%
- Veröffentlicht 21.10.2007 20:17:00
- Zuletzt bearbeitet 16.06.2026 22:45:55
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome ...
CVE-2007-5339
- EPSS 3.43%
- Veröffentlicht 21.10.2007 19:17:00
- Zuletzt bearbeitet 16.06.2026 22:45:55
Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.