Mozilla

Thunderbird Esr

239 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2012-4215

Exploit
  • EPSS 4.32%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote ...

9.3

CVE-2012-4216

Exploit
  • EPSS 6.39%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to exe...

9.3

CVE-2012-4217

Exploit
  • EPSS 2.87%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap ...

4.3

CVE-2012-4201

Exploit
  • EPSS 2.61%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code...

9.3

CVE-2012-4202

  • EPSS 6.75%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attacker...

4.3

CVE-2012-4194

Exploit
  • EPSS 1.36%
  • Veröffentlicht 29.10.2012 18:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), ...

4.3

CVE-2012-4195

  • EPSS 0.96%
  • Veröffentlicht 29.10.2012 18:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and prin...

6.4

CVE-2012-4196

Exploit
  • EPSS 0.96%
  • Veröffentlicht 29.10.2012 18:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a pro...

6.8

CVE-2012-4193

Exploit
  • EPSS 1.41%
  • Veröffentlicht 12.10.2012 10:44:20
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, w...

4.3

CVE-2012-3992

  • EPSS 1.14%
  • Veröffentlicht 10.10.2012 17:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XS...