Search Results (Refine Search)
- CPE Product Version: cpe:/a:mozilla:thunderbird:13.0.1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-1971 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to garbage collection after certain MethodJIT execution, and unknown other vectors. Published: August 29, 2012; 6:56:39 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-1970 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Published: August 29, 2012; 6:56:39 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-1956 |
Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin. Published: August 29, 2012; 6:56:39 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2011-3079 |
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors. Published: May 01, 2012; 6:12:04 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |