CVE-2006-0298
- EPSS 5.92%
- Published 02.02.2006 22:02:00
- Last modified 03.04.2025 01:03:51
The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read.
CVE-2006-0294
- EPSS 7.64%
- Published 02.02.2006 20:06:00
- Last modified 03.04.2025 01:03:51
Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to o...
CVE-2006-0295
- EPSS 82.37%
- Published 02.02.2006 20:06:00
- Last modified 03.04.2025 01:03:51
Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory...
- EPSS 41.2%
- Published 02.02.2006 20:06:00
- Last modified 03.04.2025 01:03:51
The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf fil...