| Max CVSS | 5.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-4142 | 4.3 |
The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks b
|
30-10-2018 - 16:26 | 21-12-2009 - 16:30 | |
| CVE-2004-1316 | 5.0 |
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which
|
03-05-2018 - 01:29 | 29-12-2004 - 05:00 | |
| CVE-2005-0142 | 2.1 |
Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. conten
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2005-0145 | 2.6 |
Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.
|
11-10-2017 - 01:29 | 24-01-2005 - 05:00 | |
| CVE-2005-0143 | 2.6 |
Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks.
|
11-10-2017 - 01:29 | 23-03-2005 - 05:00 | |
| CVE-2005-0141 | 2.6 |
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2004-1380 | 5.0 |
Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoo
|
11-10-2017 - 01:29 | 20-10-2004 - 04:00 | |
| CVE-2005-0144 | 2.6 |
Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2004-1381 | 5.0 |
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other
|
11-10-2017 - 01:29 | 20-10-2004 - 04:00 |