Описание
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.15~prepatch080614c-0ubuntu1 |
| devel | not-affected | 3.0+nobinonly-0ubuntu0.8.04.1 |
| feisty | released | 2.0.0.15+0nobinonly-0ubuntu0.7.4 |
| gutsy | released | 2.0.0.15+1nobinonly-0ubuntu0.7.10 |
| hardy | released | 2.0.0.15+1nobinonly-0ubuntu0.8.04.2 |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | not-affected | 3.0+nobinonly-0ubuntu0.8.04.1 |
| maverick | not-affected | 3.0+nobinonly-0ubuntu0.8.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | not-affected | 3.0+nobinonly-0ubuntu0.8.04.1 |
| intrepid | not-affected | 3.0+nobinonly-0ubuntu2 |
| jaunty | not-affected | 3.0+nobinonly-0ubuntu2 |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.1.11+nobinonly-0ubuntu1 |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | released | 1.1.12+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.1.11+nobinonly-0ubuntu1 |
| jaunty | released | 1.1.11+nobinonly-0ubuntu1 |
| karmic | released | 1.1.11+nobinonly-0ubuntu1 |
| lucid | released | 1.1.11+nobinonly-0ubuntu1 |
| maverick | released | 1.1.11+nobinonly-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | ignored | end of life, was needed |
| gutsy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1 |
| hardy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1 |
| intrepid | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.10.1 |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | DNE | |
| maverick | DNE |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not pro ...
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.
EPSS
4.3 Medium
CVSS2