CVE-2006-4565
- EPSS 5.71%
- Veröffentlicht 15.09.2006 18:07:00
- Zuletzt bearbeitet 16.06.2026 22:29:20
Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression ...
- EPSS 3.77%
- Veröffentlicht 15.09.2006 18:07:00
- Zuletzt bearbeitet 16.06.2026 22:29:21
Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character ...
CVE-2006-4567
- EPSS 1.79%
- Veröffentlicht 15.09.2006 18:07:00
- Zuletzt bearbeitet 16.06.2026 22:29:21
Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting ...
CVE-2006-4561
- EPSS 1.46%
- Veröffentlicht 06.09.2006 00:04:00
- Zuletzt bearbeitet 16.06.2026 22:29:20
Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary JavaScript in the context of the browser's session with an arbitrary intranet web server, by hosting script on an Internet web server that can be made inaccessible by the attacker a...
CVE-2006-4310
- EPSS 5.83%
- Veröffentlicht 23.08.2006 19:04:00
- Zuletzt bearbeitet 16.06.2026 22:28:49
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
CVE-2006-4253
- EPSS 14.07%
- Veröffentlicht 21.08.2006 20:04:00
- Zuletzt bearbeitet 16.06.2026 22:28:43
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by red...
CVE-2006-3812
- EPSS 3.09%
- Veröffentlicht 29.07.2006 00:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:52
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links.
CVE-2006-3113
- EPSS 6.31%
- Veröffentlicht 27.07.2006 20:04:00
- Zuletzt bearbeitet 16.06.2026 22:26:25
Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to ...
CVE-2006-3801
- EPSS 4.35%
- Veröffentlicht 27.07.2006 20:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:50
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code.
CVE-2006-3802
- EPSS 2.32%
- Veröffentlicht 27.07.2006 20:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:50
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-lev...