Mozilla » Seamonkey : Security Vulnerabilities, CVEs, Published In February 2006 (Code Execution)

CVE-2006-0297

Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas.
Max CVSS
5.1
EPSS Score
93.92%
Published
2006-02-02
Updated
2018-10-19

CVE-2006-0295

Public exploit
Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption.
Max CVSS
5.1
EPSS Score
96.97%
Published
2006-02-02
Updated
2018-10-19

CVE-2006-0294

Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory.
Max CVSS
7.5
EPSS Score
89.99%
Published
2006-02-02
Updated
2018-10-19
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close