Описание
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.15~prepatch080614i-0ubuntu1 |
| devel | released | 3.0.5+nobinonly-0ubuntu0.8.04.1 |
| gutsy | released | 2.0.0.19+nobinonly1-0ubuntu0.7.10.1 |
| hardy | released | 2.0.0.19+nobinonly1-0ubuntu0.8.04.1 |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | released | 3.0.5+nobinonly-0ubuntu0.8.04.1 |
| maverick | released | 3.0.5+nobinonly-0ubuntu0.8.04.1 |
| natty | released | 3.0.5+nobinonly-0ubuntu0.8.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | released | 3.0.5+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 3.0.5+nobinonly-0ubuntu0.8.10.1 |
| jaunty | released | 3.0.5+nobinonly-0ubuntu1 |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1 |
| devel | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.1.15+nobinonly-0ubuntu2 |
| gutsy | DNE | |
| hardy | released | 1.1.15+nobinonly-0ubuntu0.8.04.2 |
| intrepid | released | 1.1.15+nobinonly-0ubuntu0.8.10.2 |
| jaunty | released | 1.1.15+nobinonly-0ubuntu2 |
| karmic | released | 1.1.15+nobinonly-0ubuntu2 |
| lucid | released | 1.1.15+nobinonly-0ubuntu2 |
| maverick | released | 1.1.15+nobinonly-0ubuntu2 |
| natty | released | 1.1.15+nobinonly-0ubuntu2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.0.0.19+nobinonly-0ubuntu1 |
| gutsy | released | 2.0.0.19+nobinonly-0ubuntu0.7.10.1 |
| hardy | released | 2.0.0.19+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 2.0.0.19+nobinonly-0ubuntu0.8.10.1 |
| jaunty | released | 2.0.0.19+nobinonly-0ubuntu1 |
| karmic | released | 2.0.0.19+nobinonly-0ubuntu1 |
| lucid | released | 2.0.0.19+nobinonly-0ubuntu1 |
| maverick | released | 2.0.0.19+nobinonly-0ubuntu1 |
| natty | released | 2.0.0.19+nobinonly-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1 |
| hardy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1 |
| intrepid | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.10.1 |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | released | 1.9.0.5+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.9.0.5+nobinonly-0ubuntu0.8.10.1 |
| jaunty | released | 1.9.0.5+nobinonly-0ubuntu1 |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0. ...
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.
EPSS
5 Medium
CVSS2