CVE-2011-2981

2011-08-18T18:55:00
ID CVE-2011-2981
Type cve
Reporter cve@mitre.org
Modified 2017-09-19T01:33:00

Description

The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site.