GCVE - cpe:2.3:a:mozilla:seamonkey:*:alpha3:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:mozilla:seamonkey:*:alpha3:*:*:*:*:*:*

part: a version: * update: alpha3

Vendor	Mozilla (`be1b0d4e-21a7-5a25-9982-bbda6ef43ec1`)
Product	Seamonkey (`9b67c4f8-e83e-55c8-8c3d-4a52e7d74102`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-2999`	vulnerable	2026-06-03 14:31:11.807141	Details available Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170. Published: 2011-09-29T00:00:00.000Z Updated: 2024-08-06T23:22:26.687Z Open on db.gcve.eu Reference links http://www.mandriva.com/security/advisories?name=MDVSA-2011:139 https://bugzilla.mozilla.org/show_bug.cgi?id=665548 http://www.debian.org/security/2011/dsa-2312 http://secunia.com/advisories/46315 http://www.mozilla.org/security/announce/2011/mfsa2011-38.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-5074`	vulnerable	2026-06-03 14:30:45.016919	Details available The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for remote attackers to obtain sensitive information about visited web pages via a timing attack. Published: 2011-12-07T19:00:00.000Z Updated: 2024-08-07T04:09:38.583Z Open on db.gcve.eu Reference links http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14456	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2437`	vulnerable	2026-06-03 14:26:24.176745	Details available The JavaScript implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method. Published: 2011-12-07T19:00:00.000Z Updated: 2024-09-17T03:53:56.889Z Open on db.gcve.eu Reference links http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/ http://w2spconf.com/2010/papers/p26.pdf http://bugzilla.mozilla.org/show_bug.cgi?id=147777 https://developer.mozilla.org/en/CSS/Privacy_and_the_:visited_selector	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2436`	vulnerable	2026-06-03 14:26:24.143324	Details available The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264. Published: 2011-12-07T19:00:00.000Z Updated: 2024-08-08T04:06:54.689Z Open on db.gcve.eu Reference links http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/ http://w2spconf.com/2010/papers/p26.pdf http://bugzilla.mozilla.org/show_bug.cgi?id=147777 https://developer.mozilla.org/en/CSS/Privacy_and_the_:visited_selector https://exchange.xforce.ibmcloud.com/vulnerabilities/71816	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.