| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-1238 | 5.0 |
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypa
|
13-02-2023 - 02:18 | 27-03-2008 - 10:44 | |
| CVE-2008-0416 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including (
|
13-02-2023 - 02:18 | 12-02-2008 - 03:00 | |
| CVE-2008-1195 | 9.3 |
Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via uns
|
31-07-2019 - 12:38 | 06-03-2008 - 21:44 | |
| CVE-2007-4879 | 5.0 |
Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web site
|
30-10-2018 - 16:25 | 13-09-2007 - 18:17 | |
| CVE-2008-1241 | 4.3 |
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.
|
11-10-2018 - 20:31 | 27-03-2008 - 10:44 | |
| CVE-2008-1240 | 5.0 |
LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 does not properly parse the content origin for jar: URIs before sending them to the Java plugin, which allows remote attackers to access arbitrary ports on the local machine.
|
11-10-2018 - 20:31 | 28-03-2008 - 01:44 | |
| CVE-2008-1233 | 6.8 |
Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution."
|
11-10-2018 - 20:30 | 27-03-2008 - 10:44 | |
| CVE-2008-1237 | 6.8 |
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors relat
|
11-10-2018 - 20:30 | 27-03-2008 - 10:44 | |
| CVE-2008-1235 | 9.3 |
Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka
|
11-10-2018 - 20:30 | 27-03-2008 - 10:44 | |
| CVE-2008-1234 | 4.3 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event han
|
11-10-2018 - 20:30 | 27-03-2008 - 10:44 | |
| CVE-2008-1236 | 6.8 |
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors relat
|
11-10-2018 - 20:30 | 27-03-2008 - 10:44 |