Debian Firefox vulnerabilities

1,810 known vulnerabilities affecting debian/firefox.

Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302

Vulnerabilities

Page 90 of 91
CVE-2006-1530 | MEDIUM | CVSS 7.5 | fixed in firefox 1.5.0.2 (sid) | 2006
CVE-2006-1530 [HIGH] firefox - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530,
debian
CVE-2006-4253 | MEDIUM | CVSS 7.6 | PoC | fixed in firefox 1.5.dfsg+1.5.0.7-1 (sid) | 2006
CVE-2006-4253 [HIGH] firefox - Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple JavaScript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectl
debian
CVE-2006-3802 | MEDIUM | CVSS 5.8 | fixed in firefox 1.5.dfsg+1.5.0.5-1 (sid) | 2006
CVE-2006-3802 [MEDIUM] firefox - Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object. Scope: local; sid: resolved (fixed in 1.5.dfsg+1.5.0.5-1)
debian
CVE-2006-1736 | LOW | CVSS 2.6 | fixed in firefox 1.5.dfsg+1.5.0.2-2 (sid) | 2006
CVE-2006-1736 [LOW] firefox - Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." opt
debian
CVE-2006-3731 | LOW | CVSS 2.6 | fixed in firefox 1.5.dfsg+1.5.0.6-1 (sid) | 2006
CVE-2006-3731 [LOW] firefox - Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third party has claimed that this issue might be related to the LiveHTTPHeaders extension. Scope: local; sid: resolved (fixed in 1.5.dfsg+1.5.0.6-1)
debian
CVE-2006-5464 | LOW | CVSS 5.0 | fixed in firefox 45.0-1 (sid) | 2006
CVE-2006-5464 [MEDIUM] firefox - Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) via unspecified vectors. Scope: local; sid: resolved (fixed in 45.0-1)
debian
CVE-2006-4567 | LOW | CVSS 2.6 | fixed in firefox 1.5.dfsg+1.5.0.7-1 (sid) | 2006
CVE-2006-4567 [LOW] firefox - Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arb
debian
CVE-2006-4568 | LOW | CVSS 4.3 | fixed in firefox 1.5.dfsg+1.5.0.7-1 (sid) | 2006
CVE-2006-4568 [MEDIUM] firefox - Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other attacks. Scope: local; sid: resolved (fixed in 1.5.dfsg+1.5.0.7-1)
debian
CVE-2006-4561 | LOW | CVSS 7.5 | fixed in firefox 1.5.dfsg+1.5.0.7-1 (sid) | 2006
CVE-2006-4561 [HIGH] firefox - Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary JavaScript in the context of the browser's session with an arbitrary intranet web server, by hosting script on an Internet web server that can be made inaccessible by the attacker and that has a domain name under the attacker's control, which can force the browser to drop DNS pinning and perform a ne
debian
CVE-2006-2723 | LOW | CVSS 5.0 | PoC | fixed in firefox 45.0-1 (sid) | 2006
CVE-2006-2723 [MEDIUM] firefox - Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified. Scope: local; sid: resolved (fixed in 45.0-1)
debian
CVE-2006-6500 | LOW | CVSS 6.8 | 2006
CVE-2006-6500 [MEDIUM] firefox - Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap. Scope:
debian
CVE-2006-1725 | LOW | CVSS 2.6 | fixed in firefox 1.5.dfsg+1.5.0.2-1 (sid) | 2006
CVE-2006-1725 [LOW] firefox - Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code. Scope: local; sid: resolved (fixed in 1.5.dfsg+1.5.0.2-1)
debian
CVE-2006-1045 | LOW | CVSS 2.6 | PoC | fixed in firefox 1.5.dfsg+1.5.0.2-1 (sid) | 2006
CVE-2006-1045 [LOW] firefox - The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed. Sco
debian
CVE-2006-1942 | LOW | CVSS 5.1 | fixed in firefox 1.5.dfsg+1.5.0.4-1 (sid) | 2006
CVE-2006-1942 [MEDIUM] firefox - Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma
debian
CVE-2006-2332 | LOW | CVSS 2.6 | fixed in firefox 1.5.dfsg+1.5.0.3-2 (sid) | 2006
CVE-2006-2332 [LOW] firefox - Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a large number of IMG elements in which the SRC attribute is a mailto URI. NOTE: another researcher found that the web page caused a temporary browser slowdown instead of a crash. Scope: local; sid: resolved (fixed in 1.5.dfsg+1.5.0.3-2)
debian
CVE-2006-5160 | LOW | CVSS 8.1 | 2006
CVE-2006-5160 [HIGH] firefox - Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I hone
debian
CVE-2006-5633 | LOW | CVSS 5.0 | PoC | fixed in firefox 45.0-1 (sid) | 2006
CVE-2006-5633 [MEDIUM] firefox - Firefox 1.5.0.7 and 2.0, and SeaMonkey 1.1b, allows remote attackers to cause a denial of service (crash) by creating a range object using createRange, calling selectNode on a DocType node (DOCUMENT_TYPE_NODE), then calling createContextualFragment on the range, which triggers a null dereference. NOTE: the original Bugtraq post mentioned that code execution was poss
debian
CVE-2006-1740 | LOW | CVSS 2.6 | fixed in firefox 1.5.dfsg+1.5.0.2-2 (sid) | 2006
CVE-2006-1740 [LOW] firefox - Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site. Scope: local; sid: resolved (fixed in 1.5.dfsg+1.5.0.2-2)
debian
CVE-2006-4569 | LOW | CVSS 2.6 | fixed in firefox 1.5.dfsg+1.5.0.7-1 (sid) | 2006
CVE-2006-4569 [LOW] firefox - The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks. Scope: local; sid: resolved (fixed in 1.5.dfsg+1.5.0.7-1)
debian
CVE-2006-0749 | LOW | CVSS 9.3 | fixed in firefox 1.5.dfsg+1.5.0.2 (sid) | 2006
CVE-2006-0749 [CRITICAL] firefox - nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption. Scope: local; sid: r
debian