VYPR

rpm package

opensuse/MozillaThunderbird&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,600)

  • CVE-2010-1213Jul 30, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the

  • CVE-2010-1212Jul 30, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagat

  • CVE-2010-1211Jul 30, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and a

  • CVE-2010-2754Jul 30, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error messa

  • CVE-2010-1205CriJun 30, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

  • CVE-2010-1203Jun 24, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.

  • CVE-2010-1202Jun 24, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possi

  • CVE-2010-1201Jun 24, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unkno

  • CVE-2010-1200Jun 24, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly

  • CVE-2010-1199Jun 24, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.

  • CVE-2010-1196Jun 24, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that

  • CVE-2010-1585Apr 28, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it

  • CVE-2010-0182Apr 5, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended

  • CVE-2010-0176Apr 5, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via uns

  • CVE-2010-0175Apr 5, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via

  • CVE-2010-0174Apr 5, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application cra

  • CVE-2010-0173Apr 5, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execut

  • CVE-2010-1121Mar 25, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with

  • CVE-2010-0159Feb 22, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors rel

  • CVE-2009-1571Feb 22, 2010
    affected < 45.5.1-1.1fixed 45.5.1-1.1

    Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects