Mozilla

Mozilla

108 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.1

CVE-2003-1265

Exploit
  • EPSS 0.14%
  • Published 31.12.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.

9.8

CVE-2003-0791

  • EPSS 1.15%
  • Published 07.10.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.

7.5

CVE-2003-0298

  • EPSS 0.95%
  • Published 16.06.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large (1) literal and possibly (2) mailbox size values that cause either integer signedness err...

5

CVE-2003-0300

  • EPSS 0.85%
  • Published 16.06.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.

5

CVE-2002-2013

Exploit
  • EPSS 0.48%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.

7.5

CVE-2002-2061

  • EPSS 3.38%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.

5

CVE-2002-2314

Exploit
  • EPSS 12.46%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail.

5

CVE-2002-2338

Exploit
  • EPSS 7.42%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of th...

4.3

CVE-2002-2359

Exploit
  • EPSS 0.23%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL.

7.5

CVE-2002-1308

  • EPSS 6.24%
  • Published 29.11.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.