Mozilla

Thunderbird

1584 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2009-2408

Medienbericht
  • EPSS 2.02%
  • Veröffentlicht 30.07.2009 19:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certif...

10

CVE-2009-2462

  • EPSS 3.45%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synch...

10

CVE-2009-2463

  • EPSS 5.22%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a deni...

10

CVE-2009-2464

  • EPSS 17.72%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb...

10

CVE-2009-2465

  • EPSS 4.33%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cp...

10

CVE-2009-2466

Exploit
  • EPSS 4.37%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 25.06.2025 16:56:21

The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2...

5

CVE-2009-2535

  • EPSS 10.79%
  • Veröffentlicht 20.07.2009 18:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and Thunderbird allow remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a re...

9.3

CVE-2009-2210

  • EPSS 5.53%
  • Veröffentlicht 25.06.2009 17:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that...

9.3

CVE-2009-1392

Exploit
  • EPSS 15.73%
  • Veröffentlicht 12.06.2009 21:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vect...

9.3

CVE-2009-1832

Exploit
  • EPSS 10.37%
  • Veröffentlicht 12.06.2009 21:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving "double fra...