Mozilla

Thunderbird

1584 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2008-5512

  • EPSS 5.14%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown v...

4.3

CVE-2008-5513

  • EPSS 1.65%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cr...

4.3

CVE-2008-5430

  • EPSS 0.56%
  • Veröffentlicht 13.12.2008 08:40:08
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Thunderbird 2.0.14 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which might allow remote attackers to cause a denial of s...

5

CVE-2008-5012

  • EPSS 5.97%
  • Veröffentlicht 13.11.2008 11:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin...

10

CVE-2008-5014

  • EPSS 25.21%
  • Veröffentlicht 13.11.2008 11:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifyin...

5

CVE-2008-5016

  • EPSS 21.26%
  • Veröffentlicht 13.11.2008 11:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other conse...

10

CVE-2008-5017

  • EPSS 17.42%
  • Veröffentlicht 13.11.2008 11:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (c...

10

CVE-2008-5018

  • EPSS 20.19%
  • Veröffentlicht 13.11.2008 11:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient...

9.3

CVE-2008-5021

  • EPSS 25.26%
  • Veröffentlicht 13.11.2008 11:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying pr...

7.5

CVE-2008-5022

  • EPSS 13.45%
  • Veröffentlicht 13.11.2008 11:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrar...