Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-6499 | 4.3 |
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers
|
22-12-2023 - 18:49 | 20-12-2006 - 01:28 | |
CVE-2006-6500 | 6.8 |
Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting
|
09-10-2019 - 22:51 | 20-12-2006 - 01:28 | |
CVE-2006-6498 | 6.8 |
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6497 | 6.8 |
Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6503 | 6.8 |
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript:
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6505 | 6.8 |
Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2) long RFC2047-encoded (MIME no
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6504 | 9.3 |
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6502 | 7.1 |
Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6501 | 6.8 |
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6507 | 4.3 |
Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) protection via vectors related to a Function.prototype regression error.
|
08-03-2011 - 02:46 | 20-12-2006 - 01:28 | |
CVE-2006-6506 | 4.3 |
The "Feed Preview" feature in Mozilla Firefox 2.0 before 2.0.0.1 sends the URL of the feed when requesting favicon.ico icons, which results in a privacy leak that might allow feed viewing services to determine browsing habits.
|
08-03-2011 - 02:46 | 20-12-2006 - 01:28 |