299518
|
|
[FIXr]XPCOM interface spoofing by using XBL <implementation>
|
Core
|
Security
|
bzbarsky
|
RESO
|
FIXE
|
2007-04-01
|
300936
|
|
ABR in XBM image leading to arbitrary code execution
|
Core
|
Graphics: ImageLib
|
cbiesinger
|
RESO
|
FIXE
|
2006-03-12
|
302263
|
|
XMLHttpRequest allows dangerous request headers to be set
|
Core
|
XML
|
darin.moz
|
RESO
|
FIXE
|
2006-08-20
|
307259
|
|
Firefox 1.0.6 buffer overflow with hostname of all soft hyphens [@ nsStringBuffer::Realloc] [@ nsCSubstring::Capacity] [@ nsGenericElement::~nsGenericElement]
|
Core
|
Networking
|
dbaron
|
RESO
|
FIXE
|
2011-06-13
|
303031
|
|
Need to bump version number to 1.7.12.
|
SeaMonkey
|
Build Config
|
bugzilla
|
RESO
|
FIXE
|
2005-09-23
|
306804
|
|
Content can open chrome windows by calling open() on a window that's already closed
|
Core
|
Security
|
bzbarsky
|
RESO
|
FIXE
|
2006-03-12
|
297078
|
|
setRequestHeader can be exploited using newline characters
|
Core
|
Networking: HTTP
|
darin.moz
|
RESO
|
FIXE
|
2006-08-20
|
308484
|
|
Extensions can't set Content-Length header for XMLHttpRequest
|
Core
|
XML
|
darin.moz
|
RESO
|
FIXE
|
2008-01-19
|
304754
|
|
document.write on an about: page changes document URI to non-about page
|
Core
|
DOM: Core & HTML
|
dveditz
|
RESO
|
FIXE
|
2019-03-13
|
306261
|
|
loading unsafe about: URLs using HTML forms
|
Core
|
Security
|
dveditz
|
RESO
|
FIXE
|
2006-03-12
|
300853
|
|
Caps crash on cleanup [@ DomainPolicy::Drop][@ 0x7a6f6d5c]
|
Core
|
Security: CAPS
|
g.maone
|
RESO
|
FIXE
|
2006-03-12
|
301180
|
|
crash if you stop search and hit the search button again (Mozilla 1.7 only)
|
SeaMonkey
|
MailNews: Message Di
|
mail
|
RESO
|
FIXE
|
2018-06-27
|
308281
|
|
installer changes for Firefox 1.0.7 / Mozilla 1.7.12 to remove files from IDN XPI
|
Firefox
|
Installer
|
mscott
|
RESO
|
FIXE
|
2006-03-12
|
302100
|
|
Firefox 1.0.6 crashes when loading any page if PAC script uses eval [@ nsJSPrincipalsSubsume]
|
Core
|
JavaScript Engine
|
timeless
|
RESO
|
FIXE
|
2011-06-09
|
303213
|
|
integer overflow in js
|
Core
|
JavaScript Engine
|
brendan
|
VERI
|
FIXE
|
2006-03-12
|
302809
|
|
AJAX regression: POST setRequestHeader causes NS_ERROR_ILLEGAL_VALUE for invalid headers
|
Core
|
Networking: HTTP
|
darin.moz
|
VERI
|
FIXE
|
2006-03-12
|
296134
|
|
Crash on unicode "zero width non-joiner" sequence
|
Core
|
Internationalization
|
MatsPalmgren_bugz
|
VERI
|
FIXE
|
2011-08-05
|
291178
|
|
InstallTrigger.getVersion gone in Firefox 1.0.3
|
Core Graveyard
|
Installer: XPInstall
|
pete
|
VERI
|
FIXE
|
2015-12-11
|
307185
|
|
URLs passed on the command line are parsed by the shell (bash).
|
Core Graveyard
|
Cmd-line Features
|
tuukka.tolvanen
|
VERI
|
FIXE
|
2009-05-04
|