Описание
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.15~prepatch080614c-0ubuntu1 |
| devel | not-affected | 3.0+nobinonly-0ubuntu0.8.04.1 |
| feisty | released | 2.0.0.15+0nobinonly-0ubuntu0.7.4 |
| gutsy | released | 2.0.0.15+1nobinonly-0ubuntu0.7.10 |
| hardy | released | 2.0.0.15+1nobinonly-0ubuntu0.8.04.2 |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | not-affected | 3.0+nobinonly-0ubuntu0.8.04.1 |
| maverick | not-affected | 3.0+nobinonly-0ubuntu0.8.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | not-affected | 3.0+nobinonly-0ubuntu0.8.04.1 |
| intrepid | not-affected | 3.0+nobinonly-0ubuntu2 |
| jaunty | not-affected | 3.0+nobinonly-0ubuntu2 |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.1.11+nobinonly-0ubuntu1 |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | released | 1.1.12+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.1.11+nobinonly-0ubuntu1 |
| jaunty | released | 1.1.11+nobinonly-0ubuntu1 |
| karmic | released | 1.1.11+nobinonly-0ubuntu1 |
| lucid | released | 1.1.11+nobinonly-0ubuntu1 |
| maverick | released | 1.1.11+nobinonly-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | ignored | end of life, was needed |
| gutsy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1 |
| hardy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1 |
| intrepid | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.10.1 |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | DNE | |
| maverick | DNE |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not pro ...
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
EPSS
7.5 High
CVSS2