Search CVE reports
2291 – 2300 of 2858 results
Some fixes available 9 of 15
The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does...
7 affected packages
firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
| xulrunner-2.0 | — | — | — | — |
Some fixes available 3 of 6
Mozilla Firefox before 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an...
7 affected packages
firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
| xulrunner-2.0 | — | — | — | — |
Some fixes available 8 of 10
The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which...
3 affected packages
chromium-browser, firefox, libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
Some fixes available 12 of 14
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a...
3 affected packages
chromium-browser, firefox, libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
Some fixes available 8 of 9
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote...
3 affected packages
chromium-browser, firefox, libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
Some fixes available 11 of 13
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG...
3 affected packages
chromium-browser, firefox, libpng
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | — |
| firefox | — | — | — | — |
| libpng | — | — | — | — |
Some fixes available 6 of 12
CRLF injection vulnerability in the nsCookieService::SetCookieStringInternal function in netwerk/cookie/nsCookieService.cpp in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allows remote...
3 affected packages
firefox, seamonkey, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
Some fixes available 1 of 2
The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in...
1 affected package
firefox
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
Some fixes available 9 of 19
Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute...
7 affected packages
firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.2, seamonkey...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-2.0 | — | — | — | — |
Some fixes available 7 of 15
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly...
7 affected packages
firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
| xulrunner-2.0 | — | — | — | — |