VYPR

rpm package

opensuse/MozillaThunderbird&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,600)

  • CVE-2010-3178Oct 21, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navi

  • CVE-2010-3176Oct 21, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and applic

  • CVE-2010-3175Oct 21, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vector

  • CVE-2010-3174Oct 21, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unkno

  • CVE-2010-3173Oct 21, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote atta

  • CVE-2010-3170Oct 21, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof ar

  • CVE-2010-3169Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application c

  • CVE-2010-3168Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (dele

  • CVE-2010-3167Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vect

  • CVE-2010-3166Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirection

  • CVE-2010-2769Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added

  • CVE-2010-2768Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-sit

  • CVE-2010-2767Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a de

  • CVE-2010-2766Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execut

  • CVE-2010-2765Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the

  • CVE-2010-2764Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of

  • CVE-2010-2762Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScr

  • CVE-2010-2760Sep 9, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tre

  • CVE-2010-2753HigJul 30, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which trigger

  • CVE-2010-2752Jul 30, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) value

Page 77 of 80