Mozilla Firefox vulnerabilities
3,197 known vulnerabilities affecting mozilla/firefox.
Total CVEs: 3,197
CISA KEV: 17 (actively exploited)
Public exploits: 122
Exploited in wild: 22
Severity breakdown: CRITICAL 865, HIGH 944, MEDIUM 1312, LOW 71, UNKNOWN 5
Vulnerabilities
Page 139 of 160
CVE-2008-2800 | MEDIUM | CVSS 4.3 | CWE-79 | ≤ 2.0.0.14, v2.0, +13 more | 2008-07-07
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded document, or (3) the onreadystatechange handler in conjunction with an XMLHttpReque
nvd
CVE-2008-2786 | CRITICAL | CVSS 10.0 | v2.0, v3.0 | 2008-06-19
Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack vectors. NOTE: due to lack of details as of 20080619, it is not clear whether this is the same issue as CVE-2008-2785. A CVE identifier has been assigned for tracking purposes.
nvd
CVE-2008-2785 | CRITICAL | CVSS 9.3 | CWE-189 | ≤ 2.0.0.15, v2.0, +15 more | 2008-06-19
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS objec
nvd
CVE-2008-2419 | MEDIUM | CVSS 4.3 | CWE-399 | PoC | v2.0.0.14 | 2008-05-23
Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code by triggering an error condition during certain Iframe operations between a JSframe write and a JSframe close, as demonstrated by an error in loading an empty Java applet defined by a 'src="javascript
nvd
CVE-2008-2014 | MEDIUM | CVSS 5.0 | CWE-399 | v3.0 | 2008-04-30
Mozilla Firefox 3.0 beta 5 allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls document.write in an infinite loop.
nvd
CVE-2008-1380 | CRITICAL | CVSS 9.3 | ≤ 2.0.0.13, v2.0, +12 more | 2008-04-17
The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237.
nvd
CVE-2008-1240 | MEDIUM | CVSS 5.0 | ≤ 2.0.0.12 | 2008-03-28
LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 does not properly parse the content origin for jar: URIs before sending them to the Java plugin, which allows remote attackers to access arbitrary ports on the local machine. NOTE: this is closely related to CVE-2008-1195.
nvd
CVE-2008-1235 | CRITICAL | CVSS 9.3 | ≤ 2.0.0.12, v0.1, +46 more | 2008-03-27
Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka "Privilege escalation via incorrect principals."
nvd
CVE-2008-1233 | MEDIUM | CVSS 6.8 | CWE-94 | ≤ 2.0.0.12 | 2008-03-27
Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution."
nvd
CVE-2008-1236 | MEDIUM | CVSS 6.8 | CWE-399 | ≤ 2.0.0.12 | 2008-03-27
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.
nvd
CVE-2008-1234 | MEDIUM | CVSS 4.3 | CWE-79 | ≤ 2.0.0.12 | 2008-03-27
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event handlers."
nvd
CVE-2008-1237 | MEDIUM | CVSS 6.8 | CWE-399 | ≤ 2.0.0.12 | 2008-03-27
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.
nvd
CVE-2008-1241 | MEDIUM | CVSS 4.3 | CWE-59 | ≤ 2.0.0.12 | 2008-03-27
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.
nvd
CVE-2008-1238 | MEDIUM | CVSS 5.0 | CWE-287 | ≤ 2.0.0.12 | 2008-03-27
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request
nvd
CVE-2008-0420 | CRITICAL | CVSS 9.3 | CWE-200 | ≤ 2.0.0.11, v0.1, +33 more | 2008-02-12
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a crafted 8-bit bitmap (BMP) file that triggers an out-of-bou
nvd
CVE-2008-0416 | MEDIUM | CVSS 4.3 | CWE-79 | ≤ 2.0.0.11 | 2008-02-12
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including (1) a backspace character that is treated as whitespace, (2) 0x80 with Shift_JIS encoding, and (3) "zero-
nvd
CVE-2008-0592 | MEDIUM | CVSS 4.3 | ≤ 2.0.0.11 | 2008-02-09
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Firefox from rendering future plain text files within the browser.
nvd
CVE-2008-0593 | MEDIUM | CVSS 4.3 | CWE-200 | ≤ 2.0.0.11, v0.2, +8 more | 2008-02-09
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.
nvd
CVE-2008-0591 | MEDIUM | CVSS 4.3 | ≤ 2.0.0.11 | 2008-02-09
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".
nvd
CVE-2008-0594 | MEDIUM | CVSS 5.0 | ≤ 2.0.0.11 | 2008-02-09
Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks.
nvd