CVE-2007-4038
- EPSS 1.11%
- Veröffentlicht 27.07.2007 22:30:00
- Zuletzt bearbeitet 16.06.2026 22:43:17
Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands ...
CVE-2007-4041
- EPSS 19.66%
- Veröffentlicht 27.07.2007 22:30:00
- Zuletzt bearbeitet 16.06.2026 22:43:17
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI,...
CVE-2007-4013
- EPSS 4.23%
- Veröffentlicht 26.07.2007 01:30:00
- Zuletzt bearbeitet 16.06.2026 22:43:14
Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and earlier, (2) npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in a Firefox plugin directory, and (3) a second npCtxCAO.dll (aka CCAOControl Object) before...
CVE-2007-3734
- EPSS 2.22%
- Veröffentlicht 18.07.2007 17:30:00
- Zuletzt bearbeitet 16.06.2026 22:42:37
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
CVE-2007-3735
- EPSS 2.22%
- Veröffentlicht 18.07.2007 17:30:00
- Zuletzt bearbeitet 16.06.2026 22:42:37
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
CVE-2007-3736
- EPSS 1.35%
- Veröffentlicht 18.07.2007 17:30:00
- Zuletzt bearbeitet 16.06.2026 22:42:37
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probab...
CVE-2007-3737
- EPSS 4.62%
- Veröffentlicht 18.07.2007 17:30:00
- Zuletzt bearbeitet 16.06.2026 22:42:37
Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified "element outside of a document."
CVE-2007-3738
- EPSS 3.8%
- Veröffentlicht 18.07.2007 17:30:00
- Zuletzt bearbeitet 16.06.2026 22:42:37
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper.
- EPSS 0.93%
- Veröffentlicht 17.07.2007 21:30:00
- Zuletzt bearbeitet 16.06.2026 22:42:48
Mozilla Firefox allows for cookies to be set with a null domain (aka "domainless cookies"), which allows remote attackers to pass information between arbitrary domains and track user activity, as demonstrated by the domain attribute in the document.c...
CVE-2007-3656
- EPSS 1.97%
- Veröffentlicht 10.07.2007 19:30:00
- Zuletzt bearbeitet 16.06.2026 22:42:28
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further atta...