First published: Thu Oct 29 2009(Updated: )
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects."
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Firefox | =3.0-beta5 | |
Mozilla Firefox | =3.0.1 | |
Mozilla Firefox | =3.0.2 | |
Mozilla Firefox | =3.0.3 | |
Mozilla Firefox | =3.0.4 | |
Mozilla Firefox | =3.0.5 | |
Mozilla Firefox | =3.0.6 | |
Mozilla Firefox | =3.0.7 | |
Mozilla Firefox | =3.0.8 | |
Mozilla Firefox | =3.0.9 | |
Mozilla Firefox | =3.0.10 | |
Mozilla Firefox | =3.0.11 | |
Mozilla Firefox | =3.0.12 | |
Mozilla Firefox | =3.0.13 | |
Mozilla Firefox | =3.5.1 | |
Mozilla Firefox | =3.5.2 | |
Mozilla Firefox | =3.5.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.