Mozilla

Mozilla

108 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2004-0761

  • EPSS 1.03%
  • Published 18.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.

5

CVE-2004-0762

  • EPSS 1.36%
  • Published 18.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.

10

CVE-2004-0764

  • EPSS 2.54%
  • Published 18.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.

7.5

CVE-2004-0765

  • EPSS 0.77%
  • Published 18.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows rem...

7.5

CVE-2004-0779

  • EPSS 0.79%
  • Published 18.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached passwor...

10

CVE-2004-0648

  • EPSS 22.51%
  • Published 06.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol.

7.5

CVE-2004-0718

  • EPSS 1.91%
  • Published 27.07.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other ...

2.6

CVE-2004-0478

  • EPSS 0.74%
  • Published 07.07.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consumption) using Javascript with an infinite loop that continues to add input to a form, possibly as the result of inserting control characters, as demon...

7.5

CVE-2003-0594

Exploit
  • EPSS 0.52%
  • Published 15.04.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. ...

6.8

CVE-2004-0191

Exploit
  • EPSS 1.82%
  • Published 15.03.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated us...