GCVE - cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:mozilla:mozilla_suite:1.7.11:*:*:*:*:*:*:*

part: a version: 1.7.11 update: *

Vendor	Mozilla (`be1b0d4e-21a7-5a25-9982-bbda6ef43ec1`)
Product	Mozilla Suite (`043143bd-77e5-5461-9d55-72a4af5fb88b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-1742`	vulnerable	2026-06-03 14:27:25.105186	Details available The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.433Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808 http://www.redhat.com/support/errata/RHSA-2006-0330.html http://secunia.com/advisories/19902 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1740`	vulnerable	2026-06-03 14:27:25.102955	Details available Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.575Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc http://www.securityfocus.com/archive/1/438730/100/0/threaded http://secunia.com/advisories/19941	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1739`	vulnerable	2026-06-03 14:27:25.101658	Details available The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that causes an out-of-bounds array write and buffer overflow. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.410Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/935556 https://usn.ubuntu.com/275-1/ http://www.redhat.com/support/errata/RHSA-2006-0330.html http://www.securityfocus.com/archive/1/434524/100/0/threaded http://secunia.com/advisories/19902	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1738`	vulnerable	2026-06-03 14:27:25.100274	Details available Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles. Published: 2006-04-14T18:00:00.000Z Updated: 2024-08-07T17:19:49.467Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://www.redhat.com/support/errata/RHSA-2006-0330.html http://www.securityfocus.com/archive/1/434524/100/0/threaded http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1737`	vulnerable	2026-06-03 14:27:25.098927	Details available Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression. Published: 2006-04-14T18:00:00.000Z Updated: 2024-08-07T17:19:49.504Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ https://exchange.xforce.ibmcloud.com/vulnerabilities/25808 http://www.redhat.com/support/errata/RHSA-2006-0330.html http://www.securityfocus.com/archive/1/434524/100/0/threaded http://secunia.com/advisories/19902	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1736`	vulnerable	2026-06-03 14:27:25.097626	Details available Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.590Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://secunia.com/advisories/19902 https://exchange.xforce.ibmcloud.com/vulnerabilities/25814 http://www.securityfocus.com/archive/1/438730/100/0/threaded http://secunia.com/advisories/19941	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1735`	vulnerable	2026-06-03 14:27:25.096407	Details available Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.663Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://www.redhat.com/support/errata/RHSA-2006-0330.html http://www.securityfocus.com/archive/1/434524/100/0/threaded http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1734`	vulnerable	2026-06-03 14:27:25.095041	Details available Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal function. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.492Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://www.redhat.com/support/errata/RHSA-2006-0330.html http://www.securityfocus.com/archive/1/434524/100/0/threaded http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1733`	vulnerable	2026-06-03 14:27:25.093367	Details available Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL method into the DOM's document.body prototype chain." Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.542Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://www.redhat.com/support/errata/RHSA-2006-0330.html http://www.securityfocus.com/archive/1/434524/100/0/threaded http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1731`	vulnerable	2026-06-03 14:27:25.086655	Details available Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.474Z Open on db.gcve.eu Reference links https://usn.ubuntu.com/275-1/ http://www.redhat.com/support/errata/RHSA-2006-0330.html http://secunia.com/advisories/19902 ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc https://usn.ubuntu.com/276-1/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1730`	vulnerable	2026-06-03 14:27:25.084695	Details available Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow. Published: 2006-04-14T10:00:00.000Z Updated: 2024-08-07T17:19:49.508Z Open on db.gcve.eu Reference links http://www.mozilla.org/security/announce/2006/mfsa2006-22.html https://usn.ubuntu.com/275-1/ http://www.vupen.com/english/advisories/2006/3748 http://www.redhat.com/support/errata/RHSA-2006-0330.html http://www.securityfocus.com/archive/1/434524/100/0/threaded	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.