GCVE - cpe:2.3:a:mozilla:mozilla:1.7.10:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:mozilla:mozilla:1.7.10:*:*:*:*:*:*:*

part: a version: 1.7.10 update: *

Vendor	Mozilla (`be1b0d4e-21a7-5a25-9982-bbda6ef43ec1`)
Product	Mozilla (`5488dee4-fdb9-5fdb-bb63-5465af3d7de9`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github//mozilla/gecko-dev`	purl2cpe	2026-06-01 10:17:52.533196
`pkg:mozilla/mozilla-release`	purl2cpe	2026-06-01 10:17:52.533198

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-0496`	vulnerable	2026-06-03 14:27:21.339488	Details available Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding (Cascading Style Sheets) CSS property, which does not require that the style sheet have the same origin as the web page, as demonstrated by the compromise of a large number of LiveJournal accounts. Published: 2006-02-01T02:00:00.000Z Updated: 2024-08-07T16:34:14.832Z Open on db.gcve.eu Reference links http://www.davidpashley.com/cgi/pyblosxom.cgi/computing/livejournal-mozilla-bug.html https://bugzilla.mozilla.org/show_bug.cgi?id=324253 http://securitytracker.com/id?1015563 https://exchange.xforce.ibmcloud.com/vulnerabilities/24427 http://www.vupen.com/english/advisories/2006/0403	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-4685`	vulnerable	2026-06-03 14:27:13.997430	Details available Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site. Published: 2006-02-01T02:00:00.000Z Updated: 2024-08-07T23:53:28.695Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/15331 http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0123.html https://exchange.xforce.ibmcloud.com/vulnerabilities/25291	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.