Описание
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 35.0+build3-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [35.0+build3-0ubuntu0.14.04.2]] |
| lucid | ignored | end of life |
| precise | released | 35.0+build3-0ubuntu0.12.04.2 |
| trusty | released | 35.0+build3-0ubuntu0.14.04.2 |
| trusty/esm | DNE | trusty was released [35.0+build3-0ubuntu0.14.04.2] |
| upstream | released | 35.0 |
| utopic | released | 35.0+build3-0ubuntu0.14.10.2 |
Показывать по
7.5 High
CVSS2
Связанные уязвимости
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaM ...
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.
7.5 High
CVSS2