| 6! | Mozilla Forefox jar: URL crossite scripting
updated since 12.11.2007
|
 | | It's possible to fire crossite scripting attack via jar: protocol by uploading JAR, DOC, ZIP, etc files. |
| 7! | Mozilla Firefox / Thunderbird URL processing code execution
updated since 25.07.2007
|
| | It's possible to inject shell characters into mailto:, news:, nntp: IRLs if Thunderbird is used as URL handler. |
| 7! | Mozilla Firefox cache crossite access
updated since 10.07.2007
|
| | wyciwyg:// URL in combination with 302 HTTP response allows to access cached pages. |
| 8! | Mozilla Firefox, Thunderbird, Seamonkey multiple securityvulnerabilities
|
| | Code execution, memory corruption, content spoofing, crossite scripting, DoS. |
| | Mozilla Firefox focus spoofing
|
| | It's possible to spoof the focus of key press events. |
| 8! | Mozilla Firefox / Thunderbird / SeaMonkey multiple security vulnerabilities
updated since 01.06.2007
|
| | Multiple DoS conditions, addEventListener method crossite scripting. Multiple heap oberflows, integer overflows, etc. |
| | |
