GCVE - cpe:2.3:a:mozilla:seamonkey:*:beta2:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:mozilla:seamonkey:*:beta2:*:*:*:*:*:*

part: a version: * update: beta2

Vendor	Mozilla (`be1b0d4e-21a7-5a25-9982-bbda6ef43ec1`)
Product	Seamonkey (`9b67c4f8-e83e-55c8-8c3d-4a52e7d74102`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:gitlab/seamonkey-project/seamonkey-2.53-comm`	purl2cpe	2026-06-01 10:17:53.449649
`pkg:mozilla/seamonkey`	purl2cpe	2026-06-01 10:17:53.449651
`pkg:rpm/fedora/seamonkey`	purl2cpe	2026-06-01 10:17:53.449652

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-5604`	vulnerable	2026-06-03 14:33:22.102451	Details available The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.510Z Open on db.gcve.eu Reference links http://www.mozilla.org/security/announce/2013/mfsa2013-95.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://security.gentoo.org/glsa/201504-01 http://rhn.redhat.com/errata/RHSA-2013-1480.html http://rhn.redhat.com/errata/RHSA-2013-1476.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5603`	vulnerable	2026-06-03 14:33:22.099237	Details available Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.512Z Open on db.gcve.eu Reference links http://www.mozilla.org/security/announce/2013/mfsa2013-102.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://bugzilla.mozilla.org/show_bug.cgi?id=916404 https://security.gentoo.org/glsa/201504-01 http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00006.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5602`	vulnerable	2026-06-03 14:33:22.095664	Details available The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.408Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://security.gentoo.org/glsa/201504-01 https://bugzilla.mozilla.org/show_bug.cgi?id=897678 http://rhn.redhat.com/errata/RHSA-2013-1480.html http://rhn.redhat.com/errata/RHSA-2013-1476.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5601`	vulnerable	2026-06-03 14:33:22.090942	Details available Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.550Z Open on db.gcve.eu Reference links http://www.mozilla.org/security/announce/2013/mfsa2013-100.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://security.gentoo.org/glsa/201504-01 http://rhn.redhat.com/errata/RHSA-2013-1480.html http://rhn.redhat.com/errata/RHSA-2013-1476.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5600`	vulnerable	2026-06-03 14:33:22.087599	Details available Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.438Z Open on db.gcve.eu Reference links http://www.mozilla.org/security/announce/2013/mfsa2013-100.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19172 https://security.gentoo.org/glsa/201504-01 http://rhn.redhat.com/errata/RHSA-2013-1480.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5599`	vulnerable	2026-06-03 14:33:22.083526	Details available Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.453Z Open on db.gcve.eu Reference links http://www.mozilla.org/security/announce/2013/mfsa2013-100.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://security.gentoo.org/glsa/201504-01 http://rhn.redhat.com/errata/RHSA-2013-1480.html http://rhn.redhat.com/errata/RHSA-2013-1476.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5597`	vulnerable	2026-06-03 14:33:22.079758	Details available Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.584Z Open on db.gcve.eu Reference links http://www.mozilla.org/security/announce/2013/mfsa2013-98.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://bugzilla.mozilla.org/show_bug.cgi?id=918864 https://security.gentoo.org/glsa/201504-01 http://rhn.redhat.com/errata/RHSA-2013-1480.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5596`	vulnerable	2026-06-03 14:33:22.075866	Details available The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.420Z Open on db.gcve.eu Reference links https://bugzilla.mozilla.org/show_bug.cgi?id=910881 http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://security.gentoo.org/glsa/201504-01 http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00006.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19066	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5595`	vulnerable	2026-06-03 14:33:22.072031	Details available The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.440Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/63421 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18694 http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html http://www.mozilla.org/security/announce/2013/mfsa2013-96.html https://security.gentoo.org/glsa/201504-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5593`	vulnerable	2026-06-03 14:33:22.068276	Details available The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.516Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://security.gentoo.org/glsa/201504-01 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19263 http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00006.html https://bugzilla.mozilla.org/show_bug.cgi?id=868327	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5591`	vulnerable	2026-06-03 14:33:22.064455	Details available Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.464Z Open on db.gcve.eu Reference links https://bugzilla.mozilla.org/show_bug.cgi?id=859892 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19015 http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://security.gentoo.org/glsa/201504-01 http://www.mozilla.org/security/announce/2013/mfsa2013-93.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5590`	vulnerable	2026-06-03 14:33:21.983226	Details available Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Published: 2013-10-30T10:00:00.000Z Updated: 2024-08-06T17:15:21.675Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html https://bugzilla.mozilla.org/show_bug.cgi?id=860123 https://security.gentoo.org/glsa/201504-01 http://www.mozilla.org/security/announce/2013/mfsa2013-93.html https://bugzilla.mozilla.org/show_bug.cgi?id=893572	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.