First published: Fri Jul 30 2010(Updated: )
The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Firefox | =3.5.1 | |
Mozilla Firefox | =3.5.2 | |
Mozilla Firefox | =3.5.3 | |
Mozilla Firefox | =3.5.4 | |
Mozilla Firefox | =3.5.5 | |
Mozilla Firefox | =3.5.6 | |
Mozilla Firefox | =3.5.7 | |
Mozilla Firefox | =3.5.9 | |
Mozilla Firefox | =3.5.10 | |
Mozilla Firefox | =3.6 | |
Mozilla Firefox | =3.6.1 | |
Mozilla Firefox | =3.6.2 | |
Mozilla Firefox | =3.6.3 | |
Mozilla Firefox | =3.6.4 | |
Mozilla Firefox | =3.6.6 | |
Mozilla Thunderbird | =3.0 | |
Mozilla Thunderbird | =3.0.1 | |
Mozilla Thunderbird | =3.0.2 | |
Mozilla Thunderbird | =3.0.3 | |
Mozilla Thunderbird | =3.0.4 | |
Mozilla Thunderbird | =3.0.5 | |
Mozilla Thunderbird | =3.1 | |
Mozilla SeaMonkey | <=2.0.5 | |
Mozilla SeaMonkey | =1.0 | |
Mozilla SeaMonkey | =1.0-alpha | |
Mozilla SeaMonkey | =1.0-beta | |
Mozilla SeaMonkey | =1.0.1 | |
Mozilla SeaMonkey | =1.0.2 | |
Mozilla SeaMonkey | =1.0.3 | |
Mozilla SeaMonkey | =1.0.4 | |
Mozilla SeaMonkey | =1.0.5 | |
Mozilla SeaMonkey | =1.0.6 | |
Mozilla SeaMonkey | =1.0.7 | |
Mozilla SeaMonkey | =1.0.8 | |
Mozilla SeaMonkey | =1.0.9 | |
Mozilla SeaMonkey | =1.1 | |
Mozilla SeaMonkey | =1.1-alpha | |
Mozilla SeaMonkey | =1.1-beta | |
Mozilla SeaMonkey | =1.1.1 | |
Mozilla SeaMonkey | =1.1.2 | |
Mozilla SeaMonkey | =1.1.3 | |
Mozilla SeaMonkey | =1.1.4 | |
Mozilla SeaMonkey | =1.1.5 | |
Mozilla SeaMonkey | =1.1.6 | |
Mozilla SeaMonkey | =1.1.7 | |
Mozilla SeaMonkey | =1.1.8 | |
Mozilla SeaMonkey | =1.1.9 | |
Mozilla SeaMonkey | =1.1.10 | |
Mozilla SeaMonkey | =1.1.11 | |
Mozilla SeaMonkey | =1.1.12 | |
Mozilla SeaMonkey | =1.1.13 | |
Mozilla SeaMonkey | =1.1.14 | |
Mozilla SeaMonkey | =1.1.15 | |
Mozilla SeaMonkey | =1.1.16 | |
Mozilla SeaMonkey | =1.1.17 | |
Mozilla SeaMonkey | =1.1.18 | |
Mozilla SeaMonkey | =1.1.19 | |
Mozilla SeaMonkey | =1.5.0.8 | |
Mozilla SeaMonkey | =1.5.0.9 | |
Mozilla SeaMonkey | =1.5.0.10 | |
Mozilla SeaMonkey | =2.0 | |
Mozilla SeaMonkey | =2.0-alpha_1 | |
Mozilla SeaMonkey | =2.0-alpha_2 | |
Mozilla SeaMonkey | =2.0-alpha_3 | |
Mozilla SeaMonkey | =2.0-beta_1 | |
Mozilla SeaMonkey | =2.0-beta_2 | |
Mozilla SeaMonkey | =2.0-rc1 | |
Mozilla SeaMonkey | =2.0-rc2 | |
Mozilla SeaMonkey | =2.0.1 | |
Mozilla SeaMonkey | =2.0.2 | |
Mozilla SeaMonkey | =2.0.3 | |
Mozilla SeaMonkey | =2.0.4 | |
Mozilla SeaMonkey | =2.0a1pre |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.