Search CVE reports

1 – 10 of 226 results

Detailed view

Sort by:

CVE-2011-3000

Medium priority

Some fixes available 9 of 18

Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it...

7 affected packages

firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2011-2999

Medium priority

Some fixes available 9 of 18

Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via...

7 affected packages

firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2011-2996

Medium priority

Some fixes available 8 of 18

Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

7 affected packages

firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2011-2995

Medium priority

Some fixes available 9 of 18

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption...

7 affected packages

firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2011-2372

Medium priority

Some fixes available 9 of 18

Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers...

7 affected packages

firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2011-2984

Low priority

Some fixes available 8 of 17

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code...

7 affected packages

firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2011-2983

Medium priority

Some fixes available 7 of 16

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin...

7 affected packages

firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2011-2982

Medium priority

Some fixes available 8 of 17

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of...

7 affected packages

firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2011-2981

Medium priority

Some fixes available 7 of 16

The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote...

7 affected packages

firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

CVE-2011-2378

Medium priority

Some fixes available 7 of 16

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via...

7 affected packages

firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9.2	—	—	—	—	—
xulrunner-2.0	—	—	—	—	—

Export to JSON

Results by page: