| 7! | Mozilla / Firefox / Firebird / Netscape array overflow
updated since 31.05.2006
|
 | | Array ovrflow on high marquee tag recursion level. |
| 9! | Multiple Mozilla / Firefox / Thunderbird / Netscape / Seamonkey security vulnerabilities
updated since 02.06.2006
|
| | Localzone scripting with code execution, memory corruption, HTTP response splitting, array overflow, javascript filtering bypass. |
| | Mozilla / Firefox / Netscape exceptions information leak
|
| | On exception raise message contains path to application installation and sometimes user's profile path. |
| 8! | Mozilla browsers and mail agents memory corruption
|
| | Memory corruption on displaying corrupted HTML tables. Can be used for silent malware installation. |
| 8! | Multiple Firefox / Netscape / SeaMonkey vulnerabilities
updated since 14.04.2006
|
| | Crossite scripting, memory corruptions, buffer overflows, array overflows, integer overflows. Can be exploited to silently install malware code. |
| | Mozilla CSS crossite scripting
|
| | -moz-binding: CSS allows to bind XBL with element and XBL may contains scripts. It may lead to crossite sripting within e.g. webmail. |
| 6! | Firefox / Opera code execution
updated since 21.09.2005
|
| | Command lines arguments can be pasted through URL if Firefox or Opera are invoked from external application in Unix-like systems. |
| 6! | Mozilla / Netscape / Firefox browsers buffer overflow
|
| | Buffer oveflow on "zero-width non-joiner" sequence of Arabic Unicode characters. |
| | Mozilla Firefox cleartext password leak
updated since 20.07.2005
|
| | Weak authentication algorithm may be choosen by browser even if stronger one is supported by server. |
| 7! | Netscape / Mozilla / Firefox buffer overflow
updated since 09.09.2005
|
| | Buffer overflow on the links with international domain names (IDN). |
| 8! | Multiple Mozilla / Firefox / Funderbird browsers and mail agent vulnerabilities
updated since 13.07.2005
|
| | Multiple crossite scripting vulnerabilities, bypassing scripting protection, code execution. |
| 6! | Mozilla / Furefox / Thunderbird browsers GIF files buffer overflow
updated since 24.03.2005
|
| | Buffer overflow on GIF file parsing. |
| | Multiple browsers dialog content spoofing
|
| | It's possible to spoof dialog window origin. |
| 8! | Multiple Mozilla / Firefox / Netscape vulnerabilities
|
| | Few combined vulnerabilities allow to download and execute file on client machine. |
| 8! | Multiple Netscape / Mozilla / Firefox vulnerabilities
|
| | Search content hijacking with search plugins, crossite scripting with link tag. |
| 6! | Multiple Mozilla / Firefox / Thunderbird browsers bugs
updated since 02.03.2005
|
| | Symbolic links problem, crossite XML data access, form autocomplete feature information leak, buffer overflows, data spoofing, invalid certificates handlings. |
| 6! | Mozilla / Firefox / Netscape javascript information leak
|
| | It's possible to access random heap content with string replacement functions. |
| | Mozilla and Firefox browsers buffer overflow
|
| | Heap based buffer overflow in text processing functions. |
| | Moziila/Firefox file download dialog location spoofing
|
| | Problem with displaying oversized domain names. |
| 6! | Mozilla and Opera information leak
updated since 02.12.2004
|
| | By using local_files object it's possible to obtain local files list. Under some conditions it' possible ot retrieve file content. |
| | |
