PT-2006-2724 · Mozilla+2 · Firefox+5
Sync2D
·
Publicado
2006-04-14
·
Atualizado
2018-10-18
·
CVE-2006-1732
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
Mozilla Firefox versions 1.0.x through 1.0.7
Mozilla Firefox versions 1.x through 1.4
Mozilla Thunderbird versions 1.0.x through 1.0.7
Mozilla Thunderbird versions 1.x through 1.4
Mozilla Suite versions prior to 1.7.13
SeaMonkey versions prior to 1.0
Description:
The issue allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS) attacks via unspecified vectors involving the
window.controllers array.Recommendations:
For Mozilla Firefox versions 1.0.x through 1.0.7, update to version 1.0.8 or later.
For Mozilla Firefox versions 1.x through 1.4, update to version 1.5 or later.
For Mozilla Thunderbird versions 1.0.x through 1.0.7, update to version 1.0.8 or later.
For Mozilla Thunderbird versions 1.x through 1.4, update to version 1.5 or later.
For Mozilla Suite versions prior to 1.7.13, update to version 1.7.13 or later.
For SeaMonkey versions prior to 1.0, update to version 1.0 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Hp-Ux
Firefox
Suite
Thunderbird
Red Hat
Seamonkey