First published: Thu Aug 18 2011(Updated: )
Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Firefox | =4.0-beta6 | |
Mozilla Firefox | =4.0-beta1 | |
Mozilla Firefox | =4.0-beta9 | |
Mozilla Firefox | =4.0-beta5 | |
Mozilla Firefox | =4.0-beta8 | |
Mozilla Firefox | =4.0-beta12 | |
Mozilla Firefox | =4.0-beta3 | |
Mozilla Firefox | =5.0 | |
Mozilla Firefox | =4.0-beta2 | |
Mozilla Firefox | =4.0-beta4 | |
Mozilla Firefox | =4.0-beta10 | |
Mozilla Firefox | =4.0 | |
Mozilla Firefox | =4.0-beta11 | |
Mozilla Firefox | =4.0-beta7 | |
Mozilla Firefox | =4.0.1 | |
Mozilla Thunderbird | =3.0.8 | |
Mozilla Thunderbird | =3.0.5 | |
Mozilla Thunderbird | =1.5.0.7 | |
Mozilla Thunderbird | =0.6 | |
Mozilla Thunderbird | =0.7.2 | |
Mozilla Thunderbird | =2.0.0.4 | |
Mozilla Thunderbird | =3.0.9 | |
Mozilla Thunderbird | =2.0.0.6 | |
Mozilla Thunderbird | =0.3 | |
Mozilla Thunderbird | =2.0.0.21 | |
Mozilla Thunderbird | =3.0.1 | |
Mozilla Thunderbird | =3.1.7 | |
Mozilla Thunderbird | =0.2 | |
Mozilla Thunderbird | =3.1.2 | |
Mozilla Thunderbird | =3.1.1 | |
Mozilla Thunderbird | =1.0.7 | |
Mozilla Thunderbird | =2.0.0.18 | |
Mozilla Thunderbird | =2.0.0.9 | |
Mozilla Thunderbird | =2.0.0.16 | |
Mozilla Thunderbird | =2.0.0.8 | |
Mozilla Thunderbird | =2.0.0.7 | |
Mozilla Thunderbird | =1.7.1 | |
Mozilla Thunderbird | =1.5.0.3 | |
Mozilla Thunderbird | =1.5.0.10 | |
Mozilla Thunderbird | =1.5.0.5 | |
Mozilla Thunderbird | =3.1.4 | |
Mozilla Thunderbird | =1.5.0.6 | |
Mozilla Thunderbird | =1.0 | |
Mozilla Thunderbird | =3.0.7 | |
Mozilla Thunderbird | =2.0.0.3 | |
Mozilla Thunderbird | =3.0.6 | |
Mozilla Thunderbird | =1.0.1 | |
Mozilla Thunderbird | =1.5-beta2 | |
Mozilla Thunderbird | =2.0.0.2 | |
Mozilla Thunderbird | =3.0.10 | |
Mozilla Thunderbird | =3.0.3 | |
Mozilla Thunderbird | =1.0.2 | |
Mozilla Thunderbird | =2.0.0.0 | |
Mozilla Thunderbird | =1.5.0.13 | |
Mozilla Thunderbird | =3.1.5 | |
Mozilla Thunderbird | =3.0.11 | |
Mozilla Thunderbird | =2.0.0.12 | |
Mozilla Thunderbird | =2.0.0.22 | |
Mozilla Thunderbird | =1.5 | |
Mozilla Thunderbird | =1.5.0.2 | |
Mozilla Thunderbird | =1.5.0.8 | |
Mozilla Thunderbird | =2.0.0.14 | |
Mozilla Thunderbird | =3.0.4 | |
Mozilla Thunderbird | <=5.0 | |
Mozilla Thunderbird | =0.5 | |
Mozilla Thunderbird | =1.0.4 | |
Mozilla Thunderbird | =1.5.2 | |
Mozilla Thunderbird | =2.0.0.17 | |
Mozilla Thunderbird | =2.0.0.23 | |
Mozilla Thunderbird | =1.5.0.9 | |
Mozilla Thunderbird | =1.5.0.11 | |
Mozilla Thunderbird | =0.9 | |
Mozilla Thunderbird | =1.0.3 | |
Mozilla Thunderbird | =2.0 | |
Mozilla Thunderbird | =3.0 | |
Mozilla Thunderbird | =1.5.0.12 | |
Mozilla Thunderbird | =0.7.3 | |
Mozilla Thunderbird | =0.4 | |
Mozilla Thunderbird | =1.5.1 | |
Mozilla Thunderbird | =0.7 | |
Mozilla Thunderbird | =1.5.0.14 | |
Mozilla Thunderbird | =3.1 | |
Mozilla Thunderbird | =1.0.6 | |
Mozilla Thunderbird | =3.1.3 | |
Mozilla Thunderbird | =2.0.0.5 | |
Mozilla Thunderbird | =3.1.6 | |
Mozilla Thunderbird | =1.7.3 | |
Mozilla Thunderbird | =2.0.0.1 | |
Mozilla Thunderbird | =1.5.0.1 | |
Mozilla Thunderbird | =1.0.8 | |
Mozilla Thunderbird | =0.1 | |
Mozilla Thunderbird | =0.7.1 | |
Mozilla Thunderbird | =1.0.5 | |
Mozilla Thunderbird | =0.8 | |
Mozilla Thunderbird | =3.0.2 | |
Mozilla Thunderbird | =2.0.0.19 | |
Mozilla Thunderbird | =1.5.0.4 | |
Mozilla SeaMonkey | =2.0.10 | |
Mozilla SeaMonkey | =1.1.10 | |
Mozilla SeaMonkey | =1.0.3 | |
Mozilla SeaMonkey | =1.1.8 | |
Mozilla SeaMonkey | =1.0.1 | |
Mozilla SeaMonkey | =1.1.7 | |
Mozilla SeaMonkey | =1.5.0.10 | |
Mozilla SeaMonkey | =1.0.6 | |
Mozilla SeaMonkey | =1.0.9 | |
Mozilla SeaMonkey | =1.1.3 | |
Mozilla SeaMonkey | =2.0.4 | |
Mozilla SeaMonkey | =1.0 | |
Mozilla SeaMonkey | =2.1-alpha2 | |
Mozilla SeaMonkey | =2.0.3 | |
Mozilla SeaMonkey | =2.0.2 | |
Mozilla SeaMonkey | =1.1.17 | |
Mozilla SeaMonkey | =2.0-alpha_2 | |
Mozilla SeaMonkey | =1.1.5 | |
Mozilla SeaMonkey | =2.0.8 | |
Mozilla SeaMonkey | =1.0.7 | |
Mozilla SeaMonkey | =1.0-beta | |
Mozilla SeaMonkey | =1.1-alpha | |
Mozilla SeaMonkey | =2.0-rc2 | |
Mozilla SeaMonkey | =2.0-alpha_3 | |
Mozilla SeaMonkey | =1.0-alpha | |
Mozilla SeaMonkey | =1.1.12 | |
Mozilla SeaMonkey | =1.1 | |
Mozilla SeaMonkey | =1.1.14 | |
Mozilla SeaMonkey | =2.0.11 | |
Mozilla SeaMonkey | =1.1.2 | |
Mozilla SeaMonkey | =2.0-beta_2 | |
Mozilla SeaMonkey | =1.0.2 | |
Mozilla SeaMonkey | =1.0.8 | |
Mozilla SeaMonkey | =1.1.11 | |
Mozilla SeaMonkey | =2.0-alpha_1 | |
Mozilla SeaMonkey | =1.5.0.9 | |
Mozilla SeaMonkey | =1.1-beta | |
Mozilla SeaMonkey | =1.1.1 | |
Mozilla SeaMonkey | =2.0.9 | |
Mozilla SeaMonkey | =2.1-alpha1 | |
Mozilla SeaMonkey | =1.5.0.8 | |
Mozilla SeaMonkey | =2.0.1 | |
Mozilla SeaMonkey | =1.0.5 | |
Mozilla SeaMonkey | =1.1.15 | |
Mozilla SeaMonkey | =1.1.6 | |
Mozilla SeaMonkey | =2.0.7 | |
Mozilla SeaMonkey | =1.1.16 | |
Mozilla SeaMonkey | =2.0-beta_1 | |
Mozilla SeaMonkey | =1.1.19 | |
Mozilla SeaMonkey | =2.0.5 | |
Mozilla SeaMonkey | =2.0-rc1 | |
Mozilla SeaMonkey | =1.0.4 | |
Mozilla SeaMonkey | =1.1.9 | |
Mozilla SeaMonkey | =1.1.13 | |
Mozilla SeaMonkey | =1.1.18 | |
Mozilla SeaMonkey | =2.0.6 | |
Mozilla SeaMonkey | =2.1-alpha3 | |
Mozilla SeaMonkey | =2.0 | |
Mozilla SeaMonkey | =1.1.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.