Mozilla Seamonkey vulnerabilities
694 known vulnerabilities affecting mozilla/seamonkey.
Total CVEs
694
CISA KEV
1
actively exploited
Public exploits
42
Exploited in wild
1
Severity breakdown
CRITICAL327HIGH76MEDIUM277LOW14
Vulnerabilities
Page 19 of 35
CVE-2011-0085CRITICALCVSS 10.0v1.0v1.0.1+46 more2011-06-30
CVE-2011-0085 [CRITICAL] CWE-399 CVE-2011-0085: Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18
Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater.
nvd
CVE-2011-2371CRITICALCVSS 10.0PoCv1.0v1.0.1+46 more2011-06-30
CVE-2011-2371 [CRITICAL] CWE-189 CVE-2011-2371: Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.
nvd
CVE-2011-2373HIGHCVSS 7.6v1.0v1.0.1+46 more2011-06-30
CVE-2011-2373 [HIGH] CWE-399 CVE-2011-2373: Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird bef
Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.
nvd
CVE-2011-2377MEDIUMCVSS 5.0v1.0v1.0.1+46 more2011-06-30
CVE-2011-2377 [MEDIUM] CWE-119 CVE-2011-2377: Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey throug
Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image.
nvd
CVE-2011-2362MEDIUMCVSS 5.0v1.0v1.0.1+46 more2011-06-30
CVE-2011-2362 [MEDIUM] CWE-264 CVE-2011-2362: Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distin
Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.
nvd
CVE-2011-0065CRITICALCVSS 10.0PoC≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0065 [CRITICAL] CWE-399 CVE-2011-0065: Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey
Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel.
nvd
CVE-2011-0070CRITICALCVSS 10.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0070 [CRITICAL] CVE-2011-0070: Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerabil
nvd
CVE-2011-0073CRITICALCVSS 10.0PoC≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0073 [CRITICAL] CWE-20 CVE-2011-0073: Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properl
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."
nvd
CVE-2011-0075CRITICALCVSS 10.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0075 [CRITICAL] CVE-2011-0075: Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x bef
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0
nvd
CVE-2011-0072CRITICALCVSS 10.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0072 [CRITICAL] CVE-2011-0072: Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x bef
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0
nvd
CVE-2011-0080CRITICALCVSS 10.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0080 [CRITICAL] CVE-2011-0080: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 an
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
nvd
CVE-2011-0077CRITICALCVSS 10.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0077 [CRITICAL] CVE-2011-0077: Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x bef
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0
nvd
CVE-2011-0069CRITICALCVSS 10.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0069 [CRITICAL] CVE-2011-0069: Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerabil
nvd
CVE-2011-0066CRITICALCVSS 10.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0066 [CRITICAL] CWE-399 CVE-2011-0066: Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey
Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList.
nvd
CVE-2011-0074CRITICALCVSS 10.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0074 [CRITICAL] CVE-2011-0074: Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x bef
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0
nvd
CVE-2011-0078CRITICALCVSS 10.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0078 [CRITICAL] CVE-2011-0078: Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x bef
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0
nvd
CVE-2011-0076HIGHCVSS 7.5≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0076 [HIGH] CVE-2011-0076: Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.
Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors.
nvd
CVE-2011-0067MEDIUMCVSS 5.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0067 [MEDIUM] CWE-20 CVE-2011-0067: Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properl
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls.
nvd
CVE-2011-0071MEDIUMCVSS 5.0≤ 2.0.13v1.0+45 more2011-05-07
CVE-2011-0071 [MEDIUM] CWE-22 CVE-2011-0071: Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderb
Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL.
nvd
CVE-2011-1712MEDIUMCVSS 4.3≤ 2.0.13v1.0+44 more2011-04-15
CVE-2011-1712 [MEDIUM] CWE-200 CVE-2011-1712: The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWa
The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to t
nvd