| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-3845 | 9.3 |
Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the fi
|
13-02-2023 - 02:18 | 08-08-2007 - 01:17 | |
| CVE-2007-3285 | 6.8 |
Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extens
|
09-10-2019 - 22:53 | 20-06-2007 - 19:30 | |
| CVE-2007-3089 | 4.3 |
Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript cod
|
16-10-2018 - 16:47 | 06-06-2007 - 21:30 | |
| CVE-2007-3844 | 4.3 |
Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an a
|
15-10-2018 - 21:31 | 08-08-2007 - 01:17 | |
| CVE-2007-3734 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
|
15-10-2018 - 21:30 | 18-07-2007 - 17:30 | |
| CVE-2007-3738 | 9.3 |
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper.
|
15-10-2018 - 21:30 | 18-07-2007 - 17:30 | |
| CVE-2007-3736 | 4.3 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probab
|
15-10-2018 - 21:30 | 18-07-2007 - 17:30 | |
| CVE-2007-3735 | 9.3 |
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
|
15-10-2018 - 21:30 | 18-07-2007 - 17:30 | |
| CVE-2007-3737 | 9.3 |
Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified "element outside of a document."
|
15-10-2018 - 21:30 | 18-07-2007 - 17:30 | |
| CVE-2007-3656 | 6.8 |
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further atta
|
15-10-2018 - 21:29 | 10-07-2007 - 19:30 |