漏洞标题
N/A
漏洞描述信息
在Mozilla Firefox 1.5.0.5之前、Thunderbird 1.5.0.5之前和SeaMonkey 1.0.3之前,多个漏洞允许远程攻击者导致服务拒绝(崩溃)并可能通过JavaScript执行任意代码,导致内存泄漏,包括(1)nsListControlFrame::FireMenuItemActiveEvent,(2)在内存不足的情况下字符串类缓冲区溢出,(3)表行和列组,(4)“匿名框选择器”在非ua样式表中,(5)“删除节点”的过时引用,以及(6)在删除上下文中运行加密.生成CRMF请求回调函数。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Mozilla Firefox/SeaMonkey/Thunderbird 多个JAVA脚本拒绝服务攻击漏洞
漏洞描述信息
Mozilla Firefox/SeaMonkey/Thunderbird都是Mozilla发布的WEB浏览器和邮件新闻组客户端产品。 上述产品中存在多个安全漏洞,具体如下: 允许远程攻击者造成拒绝服务攻击(崩溃)和可能利用JAVA脚本导致内存溢出引起任意代码执行.这些漏洞包括:(1) nsListControlFrame::FireMenuItemActiveEvent, (2)string class缓冲区溢出 (3) 列表和栏目, (4) "UA样式表的匿名选择项," (5) removed nod
CVSS信息
N/A
漏洞类别
授权问题