Mozilla

Thunderbird

1786 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 3.85%
  • Veröffentlicht 09.02.2008 00:00:00
  • Zuletzt bearbeitet 16.06.2026 22:49:56

Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by...

  • EPSS 3.3%
  • Veröffentlicht 08.02.2008 22:00:00
  • Zuletzt bearbeitet 16.06.2026 22:49:33

The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableF...

  • EPSS 2.48%
  • Veröffentlicht 08.02.2008 22:00:00
  • Zuletzt bearbeitet 16.06.2026 22:49:34

The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2...

  • EPSS 2.21%
  • Veröffentlicht 08.02.2008 22:00:00
  • Zuletzt bearbeitet 16.06.2026 22:49:34

Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.lo...

  • EPSS 8.63%
  • Veröffentlicht 08.02.2008 22:00:00
  • Zuletzt bearbeitet 16.06.2026 22:49:35

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome:...

  • EPSS 3.43%
  • Veröffentlicht 21.10.2007 19:17:00
  • Zuletzt bearbeitet 16.06.2026 22:45:55

Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.

  • EPSS 3.43%
  • Veröffentlicht 21.10.2007 19:17:00
  • Zuletzt bearbeitet 16.06.2026 22:45:55

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.

  • EPSS 2.65%
  • Veröffentlicht 12.09.2007 20:17:00
  • Zuletzt bearbeitet 16.06.2026 22:44:53

Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file ty...

Exploit
  • EPSS 5.45%
  • Veröffentlicht 08.08.2007 01:17:00
  • Zuletzt bearbeitet 16.06.2026 22:42:52

Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an a...

  • EPSS 5.7%
  • Veröffentlicht 08.08.2007 01:17:00
  • Zuletzt bearbeitet 16.06.2026 22:42:52

Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the fi...