) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2011-3664 |
Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) or possibly have unspecified other impact via a crafted web site. Published: December 20, 2011; 11:02:01 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2011-3663 |
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page. Published: December 20, 2011; 11:02:01 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2011-3661 |
YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript. Published: December 20, 2011; 11:02:01 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2011-3660 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors. Published: December 20, 2011; 11:02:00 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2011-3654 |
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. Published: November 09, 2011; 6:55:03 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2011-3653 |
Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures. Published: November 09, 2011; 6:55:03 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2011-3652 |
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. Published: November 09, 2011; 6:55:03 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2011-1187 |
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." Published: March 10, 2011; 9:01:18 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |