Описание
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1 |
| devel | DNE | |
| gutsy | released | 2.0.0.18+nobinonly-0ubuntu0.7.10 |
| hardy | released | 2.0.0.19+nobinonly1-0ubuntu0.8.04.1 |
| intrepid | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 3.0.4+nobinonly-0ubuntu2 |
| gutsy | ignored | end of life, was needed |
| hardy | released | 3.0.4+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 3.0.4+nobinonly-0ubuntu0.8.10.1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.9.0.4+nobinonly-0ubuntu1 |
| gutsy | ignored | end of life, was needed |
| hardy | released | 1.9.0.4+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.9.0.4+nobinonly-0ubuntu0.8.10.1 |
| upstream | released | 1.9.0.4 |
Показывать по
EPSS
5.1 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system.
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system.
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: ...
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system.
EPSS
5.1 Medium
CVSS2