The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 3.6.19 (including) |
Firefox | Mozilla | 1.0 (including) | 1.0 (including) |
Firefox | Mozilla | 1.0-preview_release (including) | 1.0-preview_release (including) |
Firefox | Mozilla | 1.0.1 (including) | 1.0.1 (including) |
Firefox | Mozilla | 1.0.2 (including) | 1.0.2 (including) |
Firefox | Mozilla | 1.0.3 (including) | 1.0.3 (including) |
Firefox | Mozilla | 1.0.4 (including) | 1.0.4 (including) |
Firefox | Mozilla | 1.0.5 (including) | 1.0.5 (including) |
Firefox | Mozilla | 1.0.6 (including) | 1.0.6 (including) |
Firefox | Mozilla | 1.0.7 (including) | 1.0.7 (including) |
Firefox | Mozilla | 1.0.8 (including) | 1.0.8 (including) |
Firefox | Mozilla | 1.5 (including) | 1.5 (including) |
Firefox | Mozilla | 1.5-beta1 (including) | 1.5-beta1 (including) |
Firefox | Mozilla | 1.5-beta2 (including) | 1.5-beta2 (including) |
Firefox | Mozilla | 1.5.0.1 (including) | 1.5.0.1 (including) |
Firefox | Mozilla | 1.5.0.2 (including) | 1.5.0.2 (including) |
Firefox | Mozilla | 1.5.0.3 (including) | 1.5.0.3 (including) |
Firefox | Mozilla | 1.5.0.4 (including) | 1.5.0.4 (including) |
Firefox | Mozilla | 1.5.0.5 (including) | 1.5.0.5 (including) |
Firefox | Mozilla | 1.5.0.6 (including) | 1.5.0.6 (including) |
Firefox | Mozilla | 1.5.0.7 (including) | 1.5.0.7 (including) |
Firefox | Mozilla | 1.5.0.8 (including) | 1.5.0.8 (including) |
Firefox | Mozilla | 1.5.0.9 (including) | 1.5.0.9 (including) |
Firefox | Mozilla | 1.5.0.10 (including) | 1.5.0.10 (including) |
Firefox | Mozilla | 1.5.0.11 (including) | 1.5.0.11 (including) |
Firefox | Mozilla | 1.5.0.12 (including) | 1.5.0.12 (including) |
Firefox | Mozilla | 1.5.1 (including) | 1.5.1 (including) |
Firefox | Mozilla | 1.5.2 (including) | 1.5.2 (including) |
Firefox | Mozilla | 1.5.3 (including) | 1.5.3 (including) |
Firefox | Mozilla | 1.5.4 (including) | 1.5.4 (including) |
Firefox | Mozilla | 1.5.5 (including) | 1.5.5 (including) |
Firefox | Mozilla | 1.5.6 (including) | 1.5.6 (including) |
Firefox | Mozilla | 1.5.7 (including) | 1.5.7 (including) |
Firefox | Mozilla | 1.5.8 (including) | 1.5.8 (including) |
Firefox | Mozilla | 2.0 (including) | 2.0 (including) |
Firefox | Mozilla | 2.0.0.1 (including) | 2.0.0.1 (including) |
Firefox | Mozilla | 2.0.0.2 (including) | 2.0.0.2 (including) |
Firefox | Mozilla | 2.0.0.3 (including) | 2.0.0.3 (including) |
Firefox | Mozilla | 2.0.0.4 (including) | 2.0.0.4 (including) |
Firefox | Mozilla | 2.0.0.5 (including) | 2.0.0.5 (including) |
Firefox | Mozilla | 2.0.0.6 (including) | 2.0.0.6 (including) |
Firefox | Mozilla | 2.0.0.7 (including) | 2.0.0.7 (including) |
Firefox | Mozilla | 2.0.0.8 (including) | 2.0.0.8 (including) |
Firefox | Mozilla | 2.0.0.9 (including) | 2.0.0.9 (including) |
Firefox | Mozilla | 2.0.0.10 (including) | 2.0.0.10 (including) |
Firefox | Mozilla | 2.0.0.11 (including) | 2.0.0.11 (including) |
Firefox | Mozilla | 2.0.0.12 (including) | 2.0.0.12 (including) |
Firefox | Mozilla | 2.0.0.13 (including) | 2.0.0.13 (including) |
Firefox | Mozilla | 2.0.0.14 (including) | 2.0.0.14 (including) |
Firefox | Mozilla | 2.0.0.15 (including) | 2.0.0.15 (including) |
Firefox | Mozilla | 2.0.0.16 (including) | 2.0.0.16 (including) |
Firefox | Mozilla | 2.0.0.17 (including) | 2.0.0.17 (including) |
Firefox | Mozilla | 2.0.0.18 (including) | 2.0.0.18 (including) |
Firefox | Mozilla | 2.0.0.19 (including) | 2.0.0.19 (including) |
Firefox | Mozilla | 2.0.0.20 (including) | 2.0.0.20 (including) |
Firefox | Mozilla | 3.0 (including) | 3.0 (including) |
Firefox | Mozilla | 3.0.1 (including) | 3.0.1 (including) |
Firefox | Mozilla | 3.0.2 (including) | 3.0.2 (including) |
Firefox | Mozilla | 3.0.3 (including) | 3.0.3 (including) |
Firefox | Mozilla | 3.0.4 (including) | 3.0.4 (including) |
Firefox | Mozilla | 3.0.5 (including) | 3.0.5 (including) |
Firefox | Mozilla | 3.0.6 (including) | 3.0.6 (including) |
Firefox | Mozilla | 3.0.7 (including) | 3.0.7 (including) |
Firefox | Mozilla | 3.0.8 (including) | 3.0.8 (including) |
Firefox | Mozilla | 3.0.9 (including) | 3.0.9 (including) |
Firefox | Mozilla | 3.0.10 (including) | 3.0.10 (including) |
Firefox | Mozilla | 3.0.11 (including) | 3.0.11 (including) |
Firefox | Mozilla | 3.0.12 (including) | 3.0.12 (including) |
Firefox | Mozilla | 3.0.13 (including) | 3.0.13 (including) |
Firefox | Mozilla | 3.0.14 (including) | 3.0.14 (including) |
Firefox | Mozilla | 3.0.15 (including) | 3.0.15 (including) |
Firefox | Mozilla | 3.0.16 (including) | 3.0.16 (including) |
Firefox | Mozilla | 3.0.17 (including) | 3.0.17 (including) |
Firefox | Mozilla | 3.5 (including) | 3.5 (including) |
Firefox | Mozilla | 3.5.1 (including) | 3.5.1 (including) |
Firefox | Mozilla | 3.5.2 (including) | 3.5.2 (including) |
Firefox | Mozilla | 3.5.3 (including) | 3.5.3 (including) |
Firefox | Mozilla | 3.5.4 (including) | 3.5.4 (including) |
Firefox | Mozilla | 3.5.5 (including) | 3.5.5 (including) |
Firefox | Mozilla | 3.5.6 (including) | 3.5.6 (including) |
Firefox | Mozilla | 3.5.7 (including) | 3.5.7 (including) |
Firefox | Mozilla | 3.5.8 (including) | 3.5.8 (including) |
Firefox | Mozilla | 3.5.9 (including) | 3.5.9 (including) |
Firefox | Mozilla | 3.5.10 (including) | 3.5.10 (including) |
Firefox | Mozilla | 3.5.11 (including) | 3.5.11 (including) |
Firefox | Mozilla | 3.5.12 (including) | 3.5.12 (including) |
Firefox | Mozilla | 3.5.13 (including) | 3.5.13 (including) |
Firefox | Mozilla | 3.5.14 (including) | 3.5.14 (including) |
Firefox | Mozilla | 3.5.15 (including) | 3.5.15 (including) |
Firefox | Mozilla | 3.5.16 (including) | 3.5.16 (including) |
Firefox | Mozilla | 3.5.17 (including) | 3.5.17 (including) |
Firefox | Mozilla | 3.5.18 (including) | 3.5.18 (including) |
Firefox | Mozilla | 3.5.19 (including) | 3.5.19 (including) |
Firefox | Mozilla | 3.6 (including) | 3.6 (including) |
Firefox | Mozilla | 3.6.2 (including) | 3.6.2 (including) |
Firefox | Mozilla | 3.6.3 (including) | 3.6.3 (including) |
Firefox | Mozilla | 3.6.4 (including) | 3.6.4 (including) |
Firefox | Mozilla | 3.6.6 (including) | 3.6.6 (including) |
Firefox | Mozilla | 3.6.7 (including) | 3.6.7 (including) |
Firefox | Mozilla | 3.6.8 (including) | 3.6.8 (including) |
Firefox | Mozilla | 3.6.9 (including) | 3.6.9 (including) |
Firefox | Mozilla | 3.6.10 (including) | 3.6.10 (including) |
Firefox | Mozilla | 3.6.11 (including) | 3.6.11 (including) |
Firefox | Mozilla | 3.6.12 (including) | 3.6.12 (including) |
Firefox | Mozilla | 3.6.13 (including) | 3.6.13 (including) |
Firefox | Mozilla | 3.6.14 (including) | 3.6.14 (including) |
Firefox | Mozilla | 3.6.15 (including) | 3.6.15 (including) |
Firefox | Mozilla | 3.6.16 (including) | 3.6.16 (including) |
Firefox | Mozilla | 3.6.17 (including) | 3.6.17 (including) |
Firefox | Mozilla | 3.6.18 (including) | 3.6.18 (including) |
Red Hat Enterprise Linux 4 | RedHat | firefox-0:3.6.20-2.el4 | * |
Red Hat Enterprise Linux 5 | RedHat | firefox-0:3.6.20-2.el5 | * |
Red Hat Enterprise Linux 5 | RedHat | xulrunner-0:1.9.2.20-2.el5 | * |
Red Hat Enterprise Linux 6 | RedHat | firefox-0:3.6.20-2.el6_1 | * |
Red Hat Enterprise Linux 6 | RedHat | xulrunner-0:1.9.2.20-2.el6_1 | * |
Firefox | Ubuntu | hardy | * |
Firefox | Ubuntu | lucid | * |
Firefox | Ubuntu | maverick | * |
Firefox | Ubuntu | upstream | * |
Firefox-3.0 | Ubuntu | hardy | * |
Seamonkey | Ubuntu | hardy | * |
Seamonkey | Ubuntu | lucid | * |
Seamonkey | Ubuntu | maverick | * |
Seamonkey | Ubuntu | natty | * |
Seamonkey | Ubuntu | oneiric | * |
Thunderbird | Ubuntu | hardy | * |
Thunderbird | Ubuntu | lucid | * |
Thunderbird | Ubuntu | maverick | * |
Thunderbird | Ubuntu | natty | * |
Thunderbird | Ubuntu | upstream | * |
Xulrunner-1.9.2 | Ubuntu | hardy | * |
Xulrunner-1.9.2 | Ubuntu | lucid | * |
Xulrunner-1.9.2 | Ubuntu | maverick | * |
Xulrunner-1.9.2 | Ubuntu | upstream | * |