Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for which the user has previously saved a shortcut.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | 2.0.0.12 | 2.0.0.12 |
Seamonkey | Mozilla | * | 1.1.9 |
Seamonkey | Mozilla | 1.1.8 | 1.1.8 |
Seamonkey | Mozilla | 1.1.7 | 1.1.7 |
Seamonkey | Mozilla | 1.1.3 | 1.1.3 |
Firefox | Mozilla | 2.0.0.2 | 2.0.0.2 |
Seamonkey | Mozilla | 1.1.5 | 1.1.5 |
Firefox | Mozilla | 2.0.0.7 | 2.0.0.7 |
Seamonkey | Mozilla | 1.1 | 1.1 |
Firefox | Mozilla | 2.0.0.9 | 2.0.0.9 |
Seamonkey | Mozilla | 1.1.2 | 1.1.2 |
Firefox | Mozilla | 2.0 | 2.0 |
Firefox | Mozilla | * | 2.0.0.14 |
Firefox | Mozilla | 2.0.0.3 | 2.0.0.3 |
Firefox | Mozilla | 2.0.0.6 | 2.0.0.6 |
Seamonkey | Mozilla | 1.1.6 | 1.1.6 |
Firefox | Mozilla | 2.0.0.11 | 2.0.0.11 |
Firefox | Mozilla | 2.0.0.4 | 2.0.0.4 |
Firefox | Mozilla | 2.0.0.13 | 2.0.0.13 |
Firefox | Mozilla | 2.0.0.1 | 2.0.0.1 |
Firefox | Mozilla | 2.0.0.8 | 2.0.0.8 |
Firefox | Mozilla | 2.0.0.5 | 2.0.0.5 |
Firefox | Mozilla | 2.0.0.10 | 2.0.0.10 |
Seamonkey | Mozilla | 1.1.4 | 1.1.4 |