Описание
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1 |
| devel | not-affected | |
| edgy | released | 2.0.0.6+0dfsg-0ubuntu0.6.10 |
| feisty | released | 2.0.0.6+1-0ubuntu1 |
| gutsy | not-affected | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | released | 1.1.4-1ubuntu2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 0.5-0ubuntu4 |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | released | 0.5-0ubuntu4 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 0.1.6b-0ubuntu2 |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | released | 0.1.6b-0ubuntu2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.8.0.10-3ubuntu1 |
| edgy | ignored | end of life, was needed |
| feisty | released | 1.8.0.10-3ubuntu1 |
| gutsy | released | 1.8.0.10-3ubuntu1 |
| upstream | needs-triage |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x befo ...
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.
EPSS
7.5 High
CVSS2