| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-0399 | 5.1 |
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a
|
03-05-2018 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2005-0149 | 5.0 |
Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers to bypass the user's intended privacy and security policy by using cookies in e-mail me
|
11-10-2017 - 01:29 | 15-02-2005 - 05:00 | |
| CVE-2004-0906 | 4.6 |
The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary fi
|
11-10-2017 - 01:29 | 31-12-2004 - 05:00 | |
| CVE-2004-1613 | 5.0 |
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing
|
11-10-2017 - 01:29 | 18-10-2004 - 04:00 | |
| CVE-2005-0232 | 2.6 |
Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain s
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2005-0141 | 2.6 |
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2004-1380 | 5.0 |
Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoo
|
11-10-2017 - 01:29 | 20-10-2004 - 04:00 | |
| CVE-2005-0144 | 2.6 |
Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2005-0147 | 7.5 |
Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 |