CVE-2010-3177

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 3.5.14 Mozilla Firefox versions 3.6.x prior to 3.6.11 SeaMonkey versions prior to 2.0.9

Description The issue allows remote attackers to inject arbitrary web script or HTML via a crafted name of a file or directory on a Gopher server, due to multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser.

Recommendations For Mozilla Firefox versions prior to 3.5.14, update to version 3.5.14 or later. For Mozilla Firefox versions 3.6.x prior to 3.6.11, update to version 3.6.11 or later. For SeaMonkey versions prior to 2.0.9, update to version 2.0.9 or later.