Search Results (Refine Search)
- CPE Product Version: cpe:/a:mozilla:seamonkey:2.13
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-4193 |
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site. Published: October 12, 2012; 6:44:20 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-4192 |
Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote attackers to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue to CVE-2012-4193. Published: October 12, 2012; 6:44:20 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-4191 |
The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. Published: October 12, 2012; 6:44:20 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-3993 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an "XrayWrapper pollution" issue. Published: October 10, 2012; 1:55:02 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-3079 |
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors. Published: May 01, 2012; 6:12:04 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |