Mozilla

Mozilla

108 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2004-1381

Exploit
  • EPSS 15.27%
  • Veröffentlicht 20.10.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other...

5

CVE-2004-1613

Exploit
  • EPSS 1.36%
  • Veröffentlicht 18.10.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing...

5

CVE-2004-1614

Exploit
  • EPSS 1.13%
  • Veröffentlicht 18.10.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with large height parameters, as demonstrated by manglem...

5

CVE-2004-0871

  • EPSS 0.44%
  • Veröffentlicht 16.09.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cr...

4.6

CVE-2004-0905

Exploit
  • EPSS 6.61%
  • Veröffentlicht 14.09.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a fr...

10

CVE-2004-0722

  • EPSS 23.11%
  • Veröffentlicht 18.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.

10

CVE-2004-0757

  • EPSS 4.48%
  • Veröffentlicht 18.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.

5

CVE-2004-0758

  • EPSS 15.84%
  • Veröffentlicht 18.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is tr...

6.4

CVE-2004-0759

  • EPSS 1.1%
  • Veröffentlicht 18.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag.

6.4

CVE-2004-0760

  • EPSS 13.34%
  • Veröffentlicht 18.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.