Search CVE reports
161 – 163 of 163 results
CVE-2009-0652
Medium prioritySome fixes available 13 of 23
The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows...
6 affected packages
firefox, iceape, seamonkey, xulrunner, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| seamonkey | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
| xulrunner-1.9 | — | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — | — |
CVE-2008-5913
Low prioritySome fixes available 5 of 12
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session,...
4 affected packages
firefox, xulrunner-1.9, xulrunner-1.9.1, xulrunner-1.9.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| xulrunner-1.9 | — | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — | — |
CVE-2007-1970
Negligible priorityMozilla Firefox does not warn the user about HTTP elements on an HTTPS page when the HTTP elements are dynamically created by a delayed document.write, which allows remote attackers to supply unauthenticated content and...
5 affected packages
firefox, xulrunner, xulrunner-1.9, xulrunner-1.9.1, xulrunner-1.9.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
| xulrunner-1.9 | — | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — | — |