Описание
The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 4.0.1+build1+nobinonly-0ubuntu0.11.04.1 |
| hardy | ignored | end of life |
| karmic | DNE | |
| lucid | released | 3.6.17+build3+nobinonly-0ubuntu0.10.04.1 |
| maverick | released | 3.6.17+build3+nobinonly-0ubuntu0.10.10.1 |
| natty | released | 4.0.1+build1+nobinonly-0ubuntu0.11.04.1 |
| oneiric | released | 4.0.1+build1+nobinonly-0ubuntu0.11.04.1 |
| precise | released | 4.0.1+build1+nobinonly-0ubuntu0.11.04.1 |
| quantal | released | 4.0.1+build1+nobinonly-0ubuntu0.11.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | ignored | end of life |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | not-affected | 2.4.1-0ubuntu1 |
| precise | DNE | |
| quantal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | ignored | end of life |
| karmic | ignored | end of life |
| lucid | released | 1.9.2.17+build3+nobinonly-0ubuntu0.10.04.1 |
| maverick | released | 1.9.2.17+build3+nobinonly-0ubuntu0.10.10.1 |
| natty | released | 1.9.2.17+build3+nobinonly-0ubuntu1 |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
Связанные уязвимости
The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.c ...
The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
4.3 Medium
CVSS2