Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

121 – 130 of 163 results

CVE-2009-2065

Medium priority
Ignored

Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's...

5 affected packages

firefox, seamonkey, xulrunner, xulrunner-1.9, xulrunner-1.9.1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show less packages

CVE-2009-2061

Low priority

Some fixes available 12 of 22

Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT...

8 affected packages

firefox, kde4libs, kdelibs, qt4-x11, seamonkey...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
kde4libs
kdelibs
qt4-x11
seamonkey
webkit
xulrunner-1.9
xulrunner-1.9.1
Show all 8 packages Show less packages

CVE-2009-2044

Low priority

Some fixes available 1 of 5

Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a denial of service (application crash) via a URI for a large GIF image in the BACKGROUND attribute of a BODY element.

3 affected packages

firefox, xulrunner-1.9, xulrunner-1.9.1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
xulrunner-1.9
xulrunner-1.9.1
Show less packages

CVE-2009-2043

Low priority

Some fixes available 9 of 11

nsViewManager.cpp in Mozilla Firefox 3.0.2 through 3.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to interaction with TinyMCE.

4 affected packages

firefox, seamonkey, xulrunner-1.9, xulrunner-1.9.1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
seamonkey
xulrunner-1.9
xulrunner-1.9.1
Show less packages

CVE-2009-2042

Low priority

Some fixes available 8 of 21

libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers...

7 affected packages

libpng, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpng
mozilla-thunderbird
seamonkey
thunderbird
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show all 7 packages Show less packages

CVE-2009-1841

Medium priority

Some fixes available 21 of 28

js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object,...

7 affected packages

firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
mozilla-thunderbird
seamonkey
thunderbird
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show all 7 packages Show less packages

CVE-2009-1840

Low priority

Some fixes available 5 of 19

Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML...

5 affected packages

firefox, thunderbird, xulrunner, xulrunner-1.9, xulrunner-1.9.1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
thunderbird
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show less packages

CVE-2009-1839

Low priority

Some fixes available 5 of 6

Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted...

3 affected packages

firefox, xulrunner-1.9, xulrunner-1.9.1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
xulrunner-1.9
xulrunner-1.9.1
Show less packages

CVE-2009-1838

Medium priority

Some fixes available 21 of 28

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers...

7 affected packages

firefox, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
mozilla-thunderbird
seamonkey
thunderbird
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show all 7 packages Show less packages

CVE-2009-1837

Medium priority

Some fixes available 5 of 6

Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during...

3 affected packages

firefox, xulrunner-1.9, xulrunner-1.9.1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
xulrunner-1.9
xulrunner-1.9.1
Show less packages
  1. Previous page
  2. 11
  3. 12
  4. 13
  5. 14
  6. 15
  7. Next page
Export to JSON