Mozilla

Thunderbird

1786 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 5.01%
  • Veröffentlicht 29.09.2011 00:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:55

YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.

  • EPSS 4.77%
  • Veröffentlicht 18.08.2011 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:26:46

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, ...

  • EPSS 5.56%
  • Veröffentlicht 18.08.2011 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:31:13

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors...

  • EPSS 0.29%
  • Veröffentlicht 18.08.2011 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:21

Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Troja...

  • EPSS 2.24%
  • Veröffentlicht 18.08.2011 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:21

The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Sam...

  • EPSS 5.26%
  • Veröffentlicht 18.08.2011 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:21

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service (memory corrupt...

  • EPSS 1.58%
  • Veröffentlicht 18.08.2011 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:21

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data ...

  • EPSS 3.56%
  • Veröffentlicht 18.08.2011 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:22

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges...

  • EPSS 5.27%
  • Veröffentlicht 18.08.2011 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:22

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and applic...

  • EPSS 1.19%
  • Veröffentlicht 18.08.2011 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:22

Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data ...