Описание
LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 does not properly parse the content origin for jar: URIs before sending them to the Java plugin, which allows remote attackers to access arbitrary ports on the local machine. NOTE: this is closely related to CVE-2008-1195.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.15~prepatch080323a-0ubuntu1 |
| devel | DNE | |
| edgy | released | 2.0.0.13+0nobinonly-0ubuntu0.6.10 |
| feisty | released | 2.0.0.13+0nobinonly-0ubuntu0.7.4 |
| gutsy | released | 2.0.0.13+1nobinonly-0ubuntu0.7.10 |
| hardy | released | 2.0.0.13+1nobinonly-0ubuntu1 |
| intrepid | DNE | |
| upstream | released | 2.0.0.13 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | released | 1.1.9 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.1.9+nobinonly-0ubuntu1 |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | released | 1.1.9+nobinonly-0ubuntu1 |
| intrepid | released | 1.1.9+nobinonly-0ubuntu1 |
| upstream | released | 1.1.9 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.8.1.13+nobinonly-0ubuntu1 |
| edgy | ignored | end of life, was needed |
| feisty | ignored | end of life, was needed |
| gutsy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1 |
| hardy | released | 1.8.1.13+nobinonly-0ubuntu1 |
| intrepid | released | 1.8.1.13+nobinonly-0ubuntu1 |
| upstream | needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 does not properly parse the content origin for jar: URIs before sending them to the Java plugin, which allows remote attackers to access arbitrary ports on the local machine. NOTE: this is closely related to CVE-2008-1195.
LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1. ...
LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 does not properly parse the content origin for jar: URIs before sending them to the Java plugin, which allows remote attackers to access arbitrary ports on the local machine. NOTE: this is closely related to CVE-2008-1195.
EPSS
5 Medium
CVSS2