| 7! | Mozilla / Firefox / Firebird / Netscape array overflow
updated since 31.05.2006
|
 | | Array ovrflow on high marquee tag recursion level. |
| | Internet Explorer, Opera, Google Chrome, Mozilla browsers DoS
updated since 03.10.2008
|
| | window.close() в цикле на событие OnLoad() приводит к зависанию браузера. Multiple resource exhaustion attacks with Javascript. |
| | Mozilla Network Security Services library memory leak
updated since 23.06.2006
|
| | 256 bytes are leaked on every RSA cryptographic operation. |
| | Mozilla / Firefox / Netscape exceptions information leak
|
| | On exception raise message contains path to application installation and sometimes user's profile path. |
| 8! | Mozilla browsers and mail agents memory corruption
|
| | Memory corruption on displaying corrupted HTML tables. Can be used for silent malware installation. |
| 8! | Multiple Mozilla / Firefox / Thinderbird vulnerabilities
updated since 03.02.2006
|
| | Javascript code execution, heap memory corruption with styles, memory corruption with QueryInterface, code execution with XULDocument.persist(), multiple integer overflows, information leak from nsExpatDriver::ParseBuffer().
Silen trojan code installation is potentially possible. |
| 7! | Netscape / Mozilla / Firefox buffer overflow
updated since 09.09.2005
|
| | Buffer overflow on the links with international domain names (IDN). |
| 8! | Multiple Mozilla / Firefox / Funderbird browsers and mail agent vulnerabilities
updated since 13.07.2005
|
| | Multiple crossite scripting vulnerabilities, bypassing scripting protection, code execution. |
| 6! | Mozilla / Furefox / Thunderbird browsers GIF files buffer overflow
updated since 24.03.2005
|
| | Buffer overflow on GIF file parsing. |
| | Multiple browsers dialog content spoofing
|
| | It's possible to spoof dialog window origin. |
| 8! | Multiple Mozilla / Firefox / Netscape vulnerabilities
|
| | Few combined vulnerabilities allow to download and execute file on client machine. |
| 8! | Multiple Netscape / Mozilla / Firefox vulnerabilities
|
| | Search content hijacking with search plugins, crossite scripting with link tag. |
| 6! | Mozilla / Firefox / Netscape javascript information leak
|
| | It's possible to access random heap content with string replacement functions. |
| | Mozilla and Firefox browsers buffer overflow
|
| | Heap based buffer overflow in text processing functions. |
| | Moziila/Firefox file download dialog location spoofing
|
| | Problem with displaying oversized domain names. |
| 7! | Mozilla buffer overflow
|
| | Dynamic memory overflow on news:// URL. |
| 6! | Mozilla and Opera information leak
updated since 02.12.2004
|
| | By using local_files object it's possible to obtain local files list. Under some conditions it' possible ot retrieve file content. |
| 7! | Multiple libpng bugs
updated since 05.08.2004
|
| | Stack overflow, NULL pointer dereference, integer overflows. |
| | Multiple browsers tab vulnerabilities
|
| | Multiple browsers allow tab spoofing. |
| 8! | Multiple Mozilla bugs
updated since 18.09.2004
|
| | Buffer overflows in e-mail VCards, bitmpa decoders, UTF-8 conversion, POP3 protocol handling, send page feature; crossite scripting via link dragging. |
| | Mozilla crossite scripting
|
| | By using local cache it's possible to access local files. |
| 6! | Mozilla Network Neighbourhood code execution
|
| | By using shell:NETHOOD\ URL it's possible to execute file from any Network Neighbourhood host. |
| | |
