This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:mozilla:seamonkey:1.0.5 |
| Detail | |||
|---|---|---|---|
| Vendor | Mozilla | First view | 2006-11-08 |
| Product | Seamonkey | Last view | 2013-04-03 |
| Version | 1.0.5 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:mozilla:seamonkey | ||
Activity : Yearly
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 10 | 2013-04-03 | CVE-2013-0796 | Network | Low | None Requ... | |
| 10 | 2013-02-19 | CVE-2013-0784 | Network | Low | None Requ... | |
| 10 | 2013-02-19 | CVE-2013-0783 | Network | Low | None Requ... | |
| 10 | 2013-02-19 | CVE-2013-0782 | Network | Low | None Requ... | |
| 10 | 2013-02-19 | CVE-2013-0781 | Network | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 9.3 | 2013-02-19 | CVE-2013-0780 | Network | Medium | None Requ... | |
| 10 | 2013-02-19 | CVE-2013-0779 | Network | Low | None Requ... | |
| 10 | 2013-02-19 | CVE-2013-0778 | Network | Low | None Requ... | |
| 10 | 2013-02-19 | CVE-2013-0777 | Network | Low | None Requ... | |
| 4 | 2013-02-19 | CVE-2013-0776 | Network | High | None Requ... | |
| 10 | 2013-02-19 | CVE-2013-0775 | Network | Low | None Requ... | |
| 5 | 2013-02-19 | CVE-2013-0774 | Network | Low | None Requ... | |
| 10 | 2013-02-19 | CVE-2013-0773 | Network | Low | None Requ... | |
| 5.8 | 2013-02-19 | CVE-2013-0772 | Network | Medium | None Requ... | |
| 5 | 2013-02-19 | CVE-2013-0765 | Network | Low | None Requ... | |
| 9.3 | 2013-01-13 | CVE-2013-0771 | Network | Medium | None Requ... | |
| 10 | 2013-01-13 | CVE-2013-0770 | Network | Low | None Requ... | |
| 10 | 2013-01-13 | CVE-2013-0769 | Network | Low | None Requ... | |
| 10 | 2013-01-13 | CVE-2013-0768 | Network | Low | None Requ... | |
| 10 | 2013-01-13 | CVE-2013-0767 | Network | Low | None Requ... | |
| 10 | 2013-01-13 | CVE-2013-0766 | Network | Low | None Requ... | |
| 9.3 | 2013-01-13 | CVE-2013-0764 | Network | Medium | None Requ... | |
| 10 | 2013-01-13 | CVE-2013-0763 | Network | Low | None Requ... | |
| 10 | 2013-01-13 | CVE-2013-0762 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 29% (76) | CWE-399 | Resource Management Errors |
| 16% (43) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 13% (36) | CWE-264 | Permissions, Privileges, and Access Controls |
| 8% (23) | CWE-200 | Information Exposure |
| 7% (19) | CWE-189 | Numeric Errors |
| % | id | Name |
|---|---|---|
| 7% (19) | CWE-20 | Improper Input Validation |
| 6% (18) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 4% (11) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 1% (4) | CWE-310 | Cryptographic Issues |
| 1% (3) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 0% (2) | CWE-287 | Improper Authentication |
| 0% (2) | CWE-16 | Configuration |
| 0% (1) | CWE-362 | Race Condition |
| 0% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 0% (1) | CWE-255 | Credentials Management |
CAPEC : Common Attack Pattern Enumeration & Classificatio
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Name |
|---|---|
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| id | Name |
|---|---|
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-26 | Leveraging Race Conditions |
| CAPEC-28 | Fuzzing |
| CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-52 | Embedding NULL Bytes |
| CAPEC-53 | Postfix, Null Terminate, and Backslash |
| CAPEC-63 | Simple Script Injection |
| CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
| CAPEC-66 | SQL Injection |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:10478 | Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozi... |
| oval:org.mitre.oval:def:10357 | Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird befo... |
| oval:org.mitre.oval:def:9304 | Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox ... |
| oval:org.mitre.oval:def:11496 | Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird befo... |
| oval:org.mitre.oval:def:11408 | Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Fire... |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:10661 | Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Fir... |
| oval:org.mitre.oval:def:9626 | Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firef... |
| oval:org.mitre.oval:def:10502 | Integer underflow in the SSLv2 support in Mozilla Network Security Services (... |
| oval:org.mitre.oval:def:10012 | Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox ... |
| oval:org.mitre.oval:def:8757 | GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x be... |
| oval:org.mitre.oval:def:9730 | Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.... |
| oval:org.mitre.oval:def:10086 | The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, a... |
| oval:org.mitre.oval:def:11665 | Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly imp... |
| oval:org.mitre.oval:def:11313 | Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before ... |
| oval:org.mitre.oval:def:9763 | The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0... |
| oval:org.mitre.oval:def:11014 | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and S... |
| oval:org.mitre.oval:def:11579 | Stack-based buffer overflow in the URL parsing implementation in Mozilla Fire... |
| oval:org.mitre.oval:def:11005 | The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x befo... |
| oval:org.mitre.oval:def:10119 | modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0... |
| oval:org.mitre.oval:def:10075 | Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey... |
| oval:org.mitre.oval:def:10980 | Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird bef... |
| oval:org.mitre.oval:def:10752 | The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before ... |
| oval:org.mitre.oval:def:9900 | Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.... |
| oval:org.mitre.oval:def:9643 | The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0... |
| oval:org.mitre.oval:def:9950 | Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.... |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 77956 | Mozilla Multiple Product Large OGG |
| 77955 | Mozilla Multiple Product for Mac DOM Frame Deletion NULL Dereference Remote C... |
| 77954 | Mozilla Multiple Product SVG Animation accessKey Event Handling Disabled Java... |
| 77952 | Mozilla Multiple Product Multiple Unspecified Remote Memory Corruption |
| 77951 | Mozilla Multiple Product YARR Regular Expression Library Javascript Parsing R... |
| id | Description |
|---|---|
| 77609 | Mozilla Multiple Product CSS Token Sequence Parsing Timing Attack Remote Info... |
| 75847 | Mozilla Multiple Product Multiple Tab Handling Keystroke Disclosure |
| 75846 | Mozilla Multiple Product Use-after-free OGG File Handling Remote Code Execution |
| 75845 | Mozilla Multiple Product loadSubScript Method XPCNativeWrappers Unwrapping Re... |
| 75844 | Mozilla Multiple Product YARR Unspecified Memory Corruption |
| 75843 | Mozilla Multiple Product WebGL Test Case Unspecified Out-of-bounds Write Memo... |
| 75842 | Mozilla Multiple Product WebGL ANGLE GrowAtomTable() Function Overflow |
| 75841 | Mozilla Multiple Product Enter Key Download Dialog Verification Bypass |
| 75840 | Mozilla Multiple Product PLUGINSPAGE Enter Key Addon Installation Verificatio... |
| 75839 | Mozilla Multiple Product Multiple Header Handling HTTP Response Splitting Wea... |
| 75838 | Mozilla Multiple Product window.location Named Frame Creation Same Origin Pol... |
| 75836 | Mozilla Multiple Product Multiple Unspecified Memory Corruption (2011-2997) |
| 75834 | Mozilla Multiple Product Multiple Unspecified Memory Corruption (2011-2995) |
| 74593 | Mozilla Multiple Products Content Security Policy (CSP) Violation Report Prox... |
| 74590 | Mozilla Multiple Products WebGL Almost Native Graphics Layer Engine (ANGLE) S... |
| 74589 | Mozilla Multiple Products D2D API Same Origin Policy Bypass Image Data Disclo... |
| 74586 | Mozilla Multiple Products RegExp.input Property Same Origin Policy Bypass Inf... |
| 74585 | Mozilla Multiple Products Multiple Unspecified Memory Corruption (2011-2982) |
| 73188 | Mozilla Multiple Products Trailing Dot Cookie Cross-domain Information Disclo... |
| 73187 | Mozilla Multiple Products nsXULCommandDispatcher.cpp Use-after-free Remote Co... |
Milw0rm Exploits
| id | Description |
|---|---|
| 2009-07-15 | Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all) |
ExploitDB Exploits
| id | Description |
|---|---|
| 18531 | Mozilla Firefox Firefox 4.0.1 Array.reduceRight() Exploit |
| 17974 | Mozilla Firefox Array.reduceRight() Integer Overflow Exploit |
| 15104 | MOAUB #25 - Mozilla Firefox CSS font-face Remote Code Execution Vulnerability |
| 15027 | MOAUB #17 - Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code ... |
| 14949 | MOAUB #9 - Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability |
| id | Description |
|---|---|
| 12678 | Firefox 3.6.3 (latest) <= memory exhaustion crash vulnerabilities |
| 10544 | Mozilla Firefox Location Bar Spoofing Vulnerability |
| 9663 | Mozilla Firefox 2.0.0.16 UTF-8 URL Remote Buffer Overflow Exploit |
| 3340 | Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain Vulnerability |
Metasploit Exploits
| id | Description |
|---|---|
| 2011-06-21 | Mozilla Firefox Array.reduceRight() Integer Overflow |
| 2011-05-10 | Mozilla Firefox 3.6.16 mChannel Use-After-Free Vulnerability |
| 2011-05-10 | Mozilla Firefox 3.6.16 mChannel Use-After-Free |
| 2011-02-02 | Mozilla Firefox "nsTreeRange" Dangling Pointer Vulnerability |
| 2011-12-06 | Firefox 8/9 AttributeChildRemoved() Use-After-Free |
