- EPSS 2.21%
- Veröffentlicht 17.12.2008 23:30:00
- Zuletzt bearbeitet 16.06.2026 23:00:26
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms s...
CVE-2008-5511
- EPSS 1.86%
- Veröffentlicht 17.12.2008 23:30:00
- Zuletzt bearbeitet 16.06.2026 23:00:26
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to a...
CVE-2008-5512
- EPSS 2.86%
- Veröffentlicht 17.12.2008 23:30:00
- Zuletzt bearbeitet 16.06.2026 23:00:26
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown v...
CVE-2008-5513
- EPSS 1.78%
- Veröffentlicht 17.12.2008 23:30:00
- Zuletzt bearbeitet 16.06.2026 23:00:27
Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cr...
CVE-2008-5430
- EPSS 1.01%
- Veröffentlicht 13.12.2008 08:40:08
- Zuletzt bearbeitet 16.06.2026 22:59:57
Mozilla Thunderbird 2.0.14 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which might allow remote attackers to cause a denial of s...
- EPSS 2.04%
- Veröffentlicht 13.11.2008 11:30:01
- Zuletzt bearbeitet 16.06.2026 22:58:56
Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin...
- EPSS 5.87%
- Veröffentlicht 13.11.2008 11:30:01
- Zuletzt bearbeitet 16.06.2026 22:58:57
jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifyin...
- EPSS 2.29%
- Veröffentlicht 13.11.2008 11:30:01
- Zuletzt bearbeitet 16.06.2026 22:58:57
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other conse...
- EPSS 3.84%
- Veröffentlicht 13.11.2008 11:30:01
- Zuletzt bearbeitet 16.06.2026 22:58:57
Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (c...
- EPSS 3.84%
- Veröffentlicht 13.11.2008 11:30:01
- Zuletzt bearbeitet 16.06.2026 22:58:57
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient...