Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2006-0299

Опубликовано: 02 фев. 2006
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.4

Описание

The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.

РелизСтатусПримечание
dapper

released

1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
edgy

released

2.0.0.6+0dfsg-0ubuntu0.6.10
feisty

released

2.0.0.6+1-0ubuntu1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.0~alpha7-0ubuntu6
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

0.5-0ubuntu4
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

0.1.6b-0ubuntu2
edgy

DNE

feisty

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

released

1.5.0.13-0ubuntu0.6.06
devel

DNE

edgy

released

1.5.0.13-0ubuntu0.6.10
feisty

released

1.5.0.13-0ubuntu0.7.04
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 79%
0.01276
Низкий

6.4 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2006-0299

nvd
больше 19 лет назад

The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.

debian логотип

CVE-2006-0299

debian
больше 19 лет назад

The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ...

github логотип

GHSA-54xf-f642-5wh5

github
больше 3 лет назад

The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.

EPSS

Процентиль: 79%
0.01276
Низкий

6.4 Medium

CVSS2