| Revision Date: | 2013-04-29 | Version: | 12 | | Title: | Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. | | Description: | Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2010-0179
| | Platform(s): | CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
| Product(s): | | | Definition Synopsis | | OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4
The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND firefox is earlier than 0:3.0.19-1.el4
OR OS Section: RHEL5, CentOS5, Oracle Linux 5
RHEL5, CentOS5 or Oracle Linux 5
The operating system installed on the system is Red Hat Enterprise Linux 5
OR The operating system installed on the system is CentOS Linux 5.x
OR Oracle Linux 5.x
AND Configuration section
xulrunner-devel-unstable is earlier than 0:1.9.0.19-1.el5_5
OR xulrunner-devel is earlier than 0:1.9.0.19-1.el5_5
OR firefox is earlier than 0:3.0.19-1.el5_5
OR xulrunner is earlier than 0:1.9.0.19-1.el5_5
|
|