Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-0354

Опубликовано: 04 фев. 2009
Источник: ubuntu
Приоритет: low
CVSS2: 2.6

Описание

Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors involving a chrome XBL method and the window.eval function.

РелизСтатусПримечание
dapper

not-affected

devel

DNE

gutsy

not-affected

hardy

not-affected

intrepid

DNE

upstream

not-affected

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.0.6+nobinonly-0ubuntu1
gutsy

ignored

end of life, was needed
hardy

released

3.0.6+nobinonly-0ubuntu0.8.04.1
intrepid

released

3.0.6+nobinonly-0ubuntu0.8.10.1
upstream

released

3.0.6

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

gutsy

not-affected

hardy

DNE

intrepid

DNE

upstream

not-affected

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

not-affected

gutsy

DNE

hardy

not-affected

intrepid

not-affected

upstream

not-affected

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

not-affected

gutsy

not-affected

hardy

not-affected

intrepid

not-affected

upstream

not-affected

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.9.0.6+nobinonly-0ubuntu1
gutsy

ignored

end of life, was needed
hardy

released

1.9.0.6+nobinonly-0ubuntu0.8.04.1
intrepid

released

1.9.0.6+nobinonly-0ubuntu0.8.10.1
upstream

released

1.9.0.6

Показывать по

Ссылки на источники

2.6 Low

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-0354

redhat
почти 17 лет назад

Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors involving a chrome XBL method and the window.eval function.

nvd логотип

CVE-2009-0354

nvd
почти 17 лет назад

Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors involving a chrome XBL method and the window.eval function.

debian логотип

CVE-2009-0354

debian
почти 17 лет назад

Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x ...

github логотип

GHSA-f7gf-49mv-q3m5

github
больше 3 лет назад

Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors involving a chrome XBL method and the window.eval function.

oracle-oval логотип

ELSA-2009-0256

oracle-oval
почти 17 лет назад

ELSA-2009-0256: firefox security update (CRITICAL)

2.6 Low

CVSS2