Revision Date: | 2013-04-29 | Version: | 12 | Title: | Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL. | Description: | Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL. | Family: | unix | Class: | vulnerability | Status: | ACCEPTED | Reference(s): | CVE-2010-0178
| Platform(s): | CentOS Linux 4 CentOS Linux 5 Oracle Linux 4 Oracle Linux 5 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5
| Product(s): | | Definition Synopsis | OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4
The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND firefox is earlier than 0:3.0.19-1.el4
OR OS Section: RHEL5, CentOS5, Oracle Linux 5
RHEL5, CentOS5 or Oracle Linux 5
The operating system installed on the system is Red Hat Enterprise Linux 5
OR The operating system installed on the system is CentOS Linux 5.x
OR Oracle Linux 5.x
AND Configuration section
xulrunner-devel-unstable is earlier than 0:1.9.0.19-1.el5_5
OR xulrunner-devel is earlier than 0:1.9.0.19-1.el5_5
OR firefox is earlier than 0:3.0.19-1.el5_5
OR xulrunner is earlier than 0:1.9.0.19-1.el5_5
|
|