Mozilla Firefox vulnerabilities
3,197 known vulnerabilities affecting mozilla/firefox.
Total CVEs: 3,197
CISA KEV: 17 (actively exploited)
Public exploits: 122
Exploited in wild: 22
Severity breakdown: CRITICAL 865, HIGH 944, MEDIUM 1312, LOW 71, UNKNOWN 5
Vulnerabilities
CVE-2008-3836 | HIGH | CVSS 7.5 | CWE-264 | ≤ 2.0.0.16, v0.8, +46 more | 2008-09-24
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions.
nvd
CVE-2008-4066 | MEDIUM | CVSS 4.3 | CWE-79 | v2.0.0.14, v2.0.0.15, +1 more | 2008-09-24
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "jav&#56325ascript" sequence, aka "HTML escaped low surrogates bug."
nvd
CVE-2008-4069 | MEDIUM | CVSS 5.0 | CWE-200 | ≤ 2.0.0.16, v0.8, +46 more | 2008-09-24
The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file.
nvd
CVE-2008-4065 | MEDIUM | CVSS 4.3 | CWE-79 | fixed in 2.0.0.17; ≥ 3.0, < 3.0.2 | 2008-09-24
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) characters that are removed from JavaScript code before execution, aka "Stripped BOM characters bug."
nvd
CVE-2008-4067 | MEDIUM | CVSS 4.3 | CWE-22 | fixed in 2.0.0.17; ≥ 3.0, < 3.0.2 | 2008-09-24
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) characters in a resource: URI.
nvd
CVE-2008-3444 | MEDIUM | CVSS 4.3 | CWE-20 | v3.0, v3.0.1 | 2008-08-04
The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted but well-formed web page that contains "a simple set of legitimate HTML tags."
nvd
CVE-2008-3198 | HIGH | CVSS 7.5 | v3.0 | 2008-07-17
Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrome document via unspecified vectors, as demonstrated by injection into a XUL error page. NOTE: this can be leveraged to execute arbitrary code using CVE-2008-2933.
nvd
CVE-2008-2933 | LOW | CVSS 2.6 | CWE-20 | ≤ 2.0.0.15, v0.8, +61 more | 2008-07-17
Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction
nvd
CVE-2008-2809 | MEDIUM | CVSS 4.0 | CWE-20 | v2.0.0.1, v2.0.0.2, +12 more | 2008-07-08
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fiel
nvd
CVE-2008-2798 | CRITICAL | CVSS 10.0 | CWE-399 | ≤ 2.0.0.14, v2.0, +13 more | 2008-07-07
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.
nvd
CVE-2008-2811 | CRITICAL | CVSS 10.0 | CWE-399 | ≤ 2.0.0.14, v2.0, +13 more | 2008-07-07
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines.
nvd
CVE-2008-2799 | CRITICAL | CVSS 10.0 | CWE-399 | ≤ 2.0.0.14, v2.0, +13 more | 2008-07-07
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.
nvd
CVE-2008-2801 | HIGH | CVSS 7.5 | CWE-287 | ≤ 2.0.0.14, v2.0, +13 more | 2008-07-07
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
nvd
CVE-2008-2802 | HIGH | CVSS 7.5 | CWE-264 | ≤ 2.0.0.14, v2.0, +13 more | 2008-07-07
Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to this file's "privilege level."
nvd
CVE-2008-2806 | HIGH | CVSS 7.5 | CWE-20 | v2.0, v2.0.0.2, +13 more | 2008-07-07
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin (JEP) and Java LiveConnect.
nvd
CVE-2008-2808 | MEDIUM | CVSS 4.3 | CWE-79 | v2.0, v2.0.0.2, +12 more | 2008-07-07
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.
nvd
CVE-2008-2807 | MEDIUM | CVSS 5.0 | CWE-200 | ≤ 2.0.0.14, v2.0, +13 more | 2008-07-07
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 encoding in a French .properties file.
nvd
CVE-2008-2805 | MEDIUM | CVSS 5.0 | CWE-20 | ≤ 2.0.0.14, v2.0, +13 more | 2008-07-07
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range.
nvd
CVE-2008-2810 | MEDIUM | CVSS 6.8 | CWE-264 | ≤ 2.0.0.14, v2.0, +13 more | 2008-07-07
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for which the user has previously saved a shortcut.
nvd
CVE-2008-2803 | MEDIUM | CVSS 6.8 | CWE-264 | ≤ 2.0.0.14, v2.0, +13 more | 2008-07-07
The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non-canonical chrome: URIs, which allows remote attackers to execute arbitrary code via vectors involving
nvd