CVE-2007-1736
- EPSS 1.16%
- Veröffentlicht 28.03.2007 22:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:12
Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.
CVE-2007-1562
- EPSS 13.85%
- Veröffentlicht 21.03.2007 19:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:50
The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate...
- EPSS 19.61%
- Veröffentlicht 10.03.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:27
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followe...
CVE-2007-0994
- EPSS 3.21%
- Veröffentlicht 06.03.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:36:42
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI...
CVE-2007-1256
- EPSS 1.01%
- Veröffentlicht 03.03.2007 20:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:14
Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address bar, favicons, and document source, and perform updates in the context of arbitrary websites, by repeatedly setting document.location in the onunload attribute when linking to anoth...
CVE-2007-0996
- EPSS 2.06%
- Veröffentlicht 27.02.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:36:42
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated us...
- EPSS 1.12%
- Veröffentlicht 26.02.2007 23:28:00
- Zuletzt bearbeitet 16.06.2026 22:36:58
The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be loaded via JavaScript, which allows remote attackers to obtain sensitive information by querying the browser's session history.
CVE-2007-0008
- EPSS 4.34%
- Veröffentlicht 26.02.2007 20:28:00
- Zuletzt bearbeitet 16.06.2026 22:34:41
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server produc...
CVE-2007-0009
- EPSS 50.36%
- Veröffentlicht 26.02.2007 20:28:00
- Zuletzt bearbeitet 16.06.2026 22:34:41
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System ser...
CVE-2007-0778
- EPSS 3.12%
- Veröffentlicht 26.02.2007 20:28:00
- Zuletzt bearbeitet 16.06.2026 22:36:16
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive i...