Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:mozilla:firefox:1.0:preview_release
There are 1,624 matching records.
Displaying matches 1,621 through 1,624.
Vuln ID Summary CVSS Severity
CVE-2005-0231

Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."

Published: February 07, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2005-0145

Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.

Published: January 24, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2004-1156

Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.

Published: December 31, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2003-1492

Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM