| Revision Date: | 2014-10-06 | Version: | 28 |
| Title: | The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior. |
| Description: | The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2011-3004
|
| Platform(s): | Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Mozilla Firefox
Mozilla Seamonkey
|
| Definition Synopsis |
| Determine if the version of Mozilla Seamonkey is less than or equal to 2.3.3 and is greater than or equal to 2.0.1 Mozilla Seamonkey is installed
AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.3.3
AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1
OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0.1
Mozilla Seamonkey is installed
AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10
AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0.1
OR Determine if the version of Mozilla Firefox is equal to 4.0
Mozilla Firefox Mainline release is installed
AND Check for vulnerable version
Mozilla Firefox Mainline version is equal to 4.0
OR Determine if the version of Mozilla Firefox is equal to 6.0
Mozilla Firefox Mainline release is installed
AND Check for vulnerable version
Mozilla Firefox Mainline version is equal to 6.0
OR Determine if the version of Mozilla Firefox is equal to 5.0
Mozilla Firefox Mainline release is installed
AND Check for vulnerable version
Mozilla Firefox Mainline version is equal to 5.0
|