| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2021-40529 |
327 |
|
|
2021-09-06 |
2022-12-09 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. |
|
2 |
CVE-2020-12405 |
362 |
|
|
2020-07-09 |
2022-05-03 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9. |
|
3 |
CVE-2020-12392 |
22 |
|
Dir. Trav. |
2020-05-26 |
2022-04-26 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. |
|
4 |
CVE-2019-7317 |
416 |
|
|
2019-02-04 |
2022-05-23 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. |
|
5 |
CVE-2018-12383 |
522 |
|
|
2018-10-18 |
2019-10-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Firefox < 62, Firefox ESR < 60.2.1, and Thunderbird < 60.2.1. |
|
6 |
CVE-2012-1945 |
200 |
|
+Info |
2012-06-05 |
2017-12-29 |
2.9 |
None |
Local Network |
Medium |
Not required |
Partial |
None |
None |
|
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba. |
|
7 |
CVE-2012-0475 |
264 |
|
Bypass |
2012-04-25 |
2017-12-19 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields. |
|
8 |
CVE-2008-5503 |
|
|
|
2008-12-17 |
2018-10-03 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings. |
|
9 |
CVE-2006-4570 |
|
|
Bypass |
2006-09-15 |
2017-10-11 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message. |
|
10 |
CVE-2006-4567 |
|
|
|
2006-09-15 |
2018-10-17 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update. |
|
11 |
CVE-2006-3812 |
|
|
|
2006-07-29 |
2018-10-17 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links. |
|
12 |
CVE-2006-2786 |
|
|
|
2006-06-02 |
2018-10-18 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client. |
|
13 |
CVE-2006-1740 |
|
|
|
2006-04-14 |
2018-10-18 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site. |
|
14 |
CVE-2006-1736 |
|
|
|
2006-04-14 |
2018-10-18 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename. |
|
15 |
CVE-2006-1045 |
|
|
+Info |
2006-03-07 |
2018-10-18 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed. |
|
16 |
CVE-2006-0836 |
|
|
DoS |
2006-02-22 |
2018-10-18 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by tricking the user into importing an LDIF file with a long field into the address book, as demonstrated by a long homePhone field. |
|
17 |
CVE-2005-3402 |
|
|
Bypass +Info |
2005-11-01 |
2016-10-18 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
The SMTP client in Mozilla Thunderbird 1.0.5 BETA, 1.0.7, and possibly other versions, does not notify users when it cannot establish a secure channel with the server, which allows remote attackers to obtain authentication information without detection via a man-in-the-middle (MITM) attack that bypasses TLS authentication or downgrades CRAM-MD5 authentication to plain authentication. |
|
18 |
CVE-2005-2602 |
|
|
|
2005-08-17 |
2008-09-05 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks. |
|
19 |
CVE-2005-2353 |
|
|
|
2005-08-05 |
2018-10-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. |
|
20 |
CVE-2005-0142 |
|
|
|
2005-05-02 |
2017-10-11 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF. |
|
21 |
CVE-2004-1449 |
|
|
|
2004-12-31 |
2008-09-05 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control. |
