Mozilla

Thunderbird

1584 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2008-1233

  • EPSS 19.86%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution."

4.3

CVE-2008-1234

  • EPSS 7.19%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event han...

9.3

CVE-2008-1235

  • EPSS 19.12%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka...

6.8

CVE-2008-1236

  • EPSS 26.05%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors relat...

6.8

CVE-2008-1237

  • EPSS 26.05%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors relat...

7.5

CVE-2008-0304

  • EPSS 30.51%
  • Veröffentlicht 29.02.2008 19:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation ...

4.3

CVE-2008-0416

  • EPSS 6.63%
  • Veröffentlicht 12.02.2008 03:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including ...

9.3

CVE-2008-0420

  • EPSS 2.1%
  • Veröffentlicht 12.02.2008 03:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to re...

4.3

CVE-2008-0591

Exploit
  • EPSS 5.54%
  • Veröffentlicht 09.02.2008 00:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by...

9.3

CVE-2008-0412

  • EPSS 8.85%
  • Veröffentlicht 08.02.2008 22:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableF...