Описание
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 17.0~b1+build1-0ubuntu1 |
| hardy | ignored | end of life |
| lucid | released | 16.0.2+build1-0ubuntu0.10.04.1 |
| natty | released | 16.0.2+build1-0ubuntu0.11.04.1 |
| oneiric | released | 16.0.2+build1-0ubuntu0.11.10.1 |
| precise | released | 16.0.2+build1-0ubuntu0.12.04.1 |
| quantal | released | 16.0.2+build1-0ubuntu0.12.10.1 |
| raring | released | 17.0~b1+build1-0ubuntu1 |
| saucy | released | 17.0~b1+build1-0ubuntu1 |
| upstream | released | 16.0.2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.13.2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 17.0~b3+build1-0ubuntu1 |
| hardy | ignored | end of life |
| lucid | released | 16.0.2+build1-0ubuntu0.10.04.1 |
| natty | ignored | end of life |
| oneiric | released | 16.0.2+build1-0ubuntu0.11.10.1 |
| precise | released | 16.0.2+build1-0ubuntu0.12.04.1 |
| quantal | released | 16.0.2+build1-0ubuntu0.12.10.1 |
| raring | released | 17.0~b3+build1-0ubuntu1 |
| saucy | released | 17.0~b3+build1-0ubuntu1 |
| upstream | released | 16.0.2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| natty | ignored | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | DNE | |
| natty | ignored | end of life |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | needs-triage |
Показывать по
EPSS
6.4 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunde ...
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.
EPSS
6.4 Medium
CVSS2