The nsWindow implementation in the browser engine in Mozilla Firefox prior to 3.6.28 and 4.x up to and including 10.0, Firefox ESR 10.x prior to 10.0.3, Thunderbird prior to 3.1.20 and 5.0 up to and including 10.0, Thunderbird ESR 10.x prior to 10.0.3, and SeaMonkey prior to 2.8 does not check the validity of an instance after event dispatching, which allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, as demonstrated by Mobile Firefox on Android.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mozilla firefox |
||
mozilla firefox esr 10.0.1 |
||
mozilla firefox esr 10.0.2 |
||
mozilla firefox esr 10.0 |
||
mozilla thunderbird |
||
mozilla thunderbird esr 10.0 |
||
mozilla thunderbird esr 10.0.1 |
||
mozilla thunderbird esr 10.0.2 |
||
mozilla seamonkey 2.7.1 |
||
mozilla seamonkey 1.0 |
||
mozilla seamonkey 1.0.1 |
||
mozilla seamonkey 1.0.2 |
||
mozilla seamonkey 1.0.9 |
||
mozilla seamonkey 1.1 |
||
mozilla seamonkey 1.1.5 |
||
mozilla seamonkey 1.1.6 |
||
mozilla seamonkey 1.1.14 |
||
mozilla seamonkey 1.1.15 |
||
mozilla seamonkey 1.5.0.10 |
||
mozilla seamonkey 2.0 |
||
mozilla seamonkey 2.0.1 |
||
mozilla seamonkey 2.0.9 |
||
mozilla seamonkey 2.0.10 |
||
mozilla seamonkey 2.1 |
||
mozilla seamonkey 2.2 |
||
mozilla seamonkey 2.3.3 |
||
mozilla seamonkey 2.4 |
||
mozilla seamonkey 2.5 |
||
mozilla seamonkey 2.6.1 |
||
mozilla seamonkey 2.7 |
||
mozilla seamonkey - |
||
mozilla seamonkey 1.0.5 |
||
mozilla seamonkey 1.0.6 |
||
mozilla seamonkey 1.1.1 |
||
mozilla seamonkey 1.1.2 |
||
mozilla seamonkey 1.1.9 |
||
mozilla seamonkey 1.1.10 |
||
mozilla seamonkey 1.1.18 |
||
mozilla seamonkey 1.1.19 |
||
mozilla seamonkey 2.0.4 |
||
mozilla seamonkey 2.0.5 |
||
mozilla seamonkey 2.0.6 |
||
mozilla seamonkey 2.0.13 |
||
mozilla seamonkey 2.0.14 |
||
mozilla seamonkey 2.3 |
||
mozilla seamonkey 2.4.1 |
||
mozilla seamonkey 2.6 |
||
mozilla seamonkey 1.0.7 |
||
mozilla seamonkey 1.0.8 |
||
mozilla seamonkey 1.1.3 |
||
mozilla seamonkey 1.1.4 |
||
mozilla seamonkey 1.1.11 |
||
mozilla seamonkey 1.1.12 |
||
mozilla seamonkey 1.1.13 |
||
mozilla seamonkey 1.5.0.8 |
||
mozilla seamonkey 1.5.0.9 |
||
mozilla seamonkey 2.0.7 |
||
mozilla seamonkey 2.0.8 |
||
mozilla seamonkey 2.3.1 |
||
mozilla seamonkey 2.3.2 |
||
mozilla seamonkey 2.7.2 |
||
mozilla seamonkey 1.0.3 |
||
mozilla seamonkey 1.0.4 |
||
mozilla seamonkey 1.1.7 |
||
mozilla seamonkey 1.1.8 |
||
mozilla seamonkey 1.1.16 |
||
mozilla seamonkey 1.1.17 |
||
mozilla seamonkey 2.0.2 |
||
mozilla seamonkey 2.0.3 |
||
mozilla seamonkey 2.0.11 |
||
mozilla seamonkey 2.0.12 |
Vulmon