Vulnerability & Exploit Database

Displaying entries 1 - 10 of 34 in total

Results for: CVE-2007-1558 Back to search

SUSE Linux Security Advisory: SUSE-SU-2014:1100-1 Vulnerability

  • Severity: 10
  • Published: September 03, 2014

Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incor...

RHSA-2009:1140: ruby security update Vulnerability

  • Severity: 7
  • Published: February 20, 2009

Ruby is an extensible, interpreted, object-oriented, scripting language. Ithas features to process text files and to do system management tasks.A flaw was found in the way the Ruby POP module processed certain APOPauthentication requests. By sending certain responses when the Ruby APOPmodule attempted to authenticate using APOP against a...

SUSE Linux Security Advisory: SUSE-SR:2008:011 Vulnerability

  • Severity: 10
  • Published: May 13, 2008

Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file.

Sun Patch: Mozilla 1.7_x86: Mozilla Firefox Web browser Vulnerability

  • Severity: 10
  • Published: March 10, 2008

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.

Sun Patch: Mozilla 1.7: Mozilla Firefox Web browser Vulnerability

  • Severity: 10
  • Published: March 10, 2008

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.

USN-520-1: fetchmail vulnerabilities Vulnerability

  • Severity: 5
  • Published: August 27, 2007

sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.

SUSE-SR:2007:014:vuln7: mutt APOP password disclosure problem Vulnerability

  • Severity: 3
  • Published: July 20, 2007

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (...

SUSE-SA:2007:036: Mozilla Firefox, Thunderbird, Seamonkey Vulnerability

  • Severity: 9
  • Published: June 27, 2007

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corrupt...

USN-469-1: Thunderbird vulnerabilities Vulnerability

  • Severity: 9
  • Published: May 31, 2007

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corrupt...

SUSE Linux Security Advisory: SUSE-SA:2007:036 Vulnerability

  • Severity: 9
  • Published: May 31, 2007

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corrupt...