Mozilla

Thunderbird

1542 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2008-0418

  • EPSS 38.66%
  • Published 08.02.2008 22:00:00
  • Last modified 09.04.2025 00:30:58

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome:...

4.3

CVE-2007-5339

  • EPSS 20.18%
  • Published 21.10.2007 19:17:00
  • Last modified 09.04.2025 00:30:58

Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.

4.3

CVE-2007-5340

  • EPSS 14.75%
  • Published 21.10.2007 19:17:00
  • Last modified 09.04.2025 00:30:58

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.

9.3

CVE-2007-4841

  • EPSS 8.93%
  • Published 12.09.2007 20:17:00
  • Last modified 09.04.2025 00:30:58

Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file ty...

4.3

CVE-2007-3844

Exploit
  • EPSS 26.71%
  • Published 08.08.2007 01:17:00
  • Last modified 09.04.2025 00:30:58

Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an a...

9.3

CVE-2007-3845

  • EPSS 43.24%
  • Published 08.08.2007 01:17:00
  • Last modified 09.04.2025 00:30:58

Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the fi...

4.3

CVE-2007-4038

  • EPSS 0.27%
  • Published 27.07.2007 22:30:00
  • Last modified 09.04.2025 00:30:58

Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands ...

9.3

CVE-2007-3734

  • EPSS 14.4%
  • Published 18.07.2007 17:30:00
  • Last modified 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.

9.3

CVE-2007-3735

  • EPSS 10.32%
  • Published 18.07.2007 17:30:00
  • Last modified 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.

9.3

CVE-2007-2867

  • EPSS 31.32%
  • Published 01.06.2007 00:30:00
  • Last modified 09.04.2025 00:30:58

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of servic...