Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-2472

Опубликовано: 22 июл. 2009
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3

Описание

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."

РелизСтатусПримечание
dapper

ignored

end of life
devel

not-affected

hardy

not-affected

intrepid

DNE

jaunty

DNE

karmic

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

released

1.9.0.12+build1+nobinonly-0ubuntu0.8.04.1
intrepid

released

1.9.0.12+build1+nobinonly-0ubuntu0.8.10.2
jaunty

released

1.9.0.12+build1+nobinonly-0ubuntu0.9.04.1
karmic

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.9.1.1+build1+nobinonly-0ubuntu1
hardy

DNE

intrepid

DNE

jaunty

released

1.9.1.1+build1+nobinonly-0ubuntu0.9.04.1
karmic

released

1.9.1.1+build1+nobinonly-0ubuntu1
upstream

needs-triage

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-2472

redhat
больше 16 лет назад

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."

nvd логотип

CVE-2009-2472

nvd
больше 16 лет назад

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."

debian логотип

CVE-2009-2472

debian
больше 16 лет назад

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrappe ...

github логотип

GHSA-xwvm-8xx6-229v

github
больше 3 лет назад

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."

fstec логотип

BDU:2015-01739

fstec
почти 11 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

4.3 Medium

CVSS2