Описание
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "jav�ascript" sequence, aka "HTML escaped low surrogates bug."
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.15~prepatch080614e-0ubuntu3 |
| devel | released | 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 |
| feisty | released | 2.0.0.17+0nobinonly-0ubuntu0.7.4 |
| gutsy | released | 2.0.0.17+1nobinonly-0ubuntu0.7.10 |
| hardy | released | 2.0.0.17+1nobinonly-0ubuntu0.8.04.1 |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | released | 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 |
| maverick | released | 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | released | 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 3.0.3+build1+nobinonly-0ubuntu1 |
| jaunty | released | 3.0.3+build1+nobinonly-0ubuntu1 |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.6.06.1 |
| devel | DNE | |
| feisty | released | 1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.7.04.1 |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.1.12+nobinonly-0ubuntu1 |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | released | 1.1.12+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.1.12+nobinonly-0ubuntu1 |
| jaunty | released | 1.1.12+nobinonly-0ubuntu1 |
| karmic | released | 1.1.12+nobinonly-0ubuntu1 |
| lucid | released | 1.1.12+nobinonly-0ubuntu1 |
| maverick | released | 1.1.12+nobinonly-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.0.0.17+nobinonly-0ubuntu1 |
| feisty | DNE | |
| gutsy | released | 2.0.0.17+nobinonly-0ubuntu0.7.10.1 |
| hardy | released | 2.0.0.17+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 2.0.0.17+nobinonly-0ubuntu1 |
| jaunty | released | 2.0.0.17+nobinonly-0ubuntu1 |
| karmic | released | 2.0.0.17+nobinonly-0ubuntu1 |
| lucid | released | 2.0.0.17+nobinonly-0ubuntu1 |
| maverick | released | 2.0.0.17+nobinonly-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | ignored | end of life, was needed |
| gutsy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1 |
| hardy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1 |
| intrepid | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.10.1 |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | released | 1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.9.0.3+build1+nobinonly-0ubuntu2 |
| jaunty | released | 1.9.0.3+build1+nobinonly-0ubuntu2 |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "jav�ascript" sequence, aka "HTML escaped low surrogates bug."
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "jav�ascript" sequence, aka "HTML escaped low surrogates bug."
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows r ...
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "jav�ascript" sequence, aka "HTML escaped low surrogates bug."
EPSS
4.3 Medium
CVSS2