Lucene search
MitreCVELIST:CVE-2010-0170HistoryMar 25, 2010 - 8:31 p.m.
CVE-2010-0170
2010-03-2520:31:00
mitre
www.cve.org
1
Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.
References
www.mandriva.com/security/advisories?name=MDVSA-2010:070
www.mozilla.org/security/announce/2010/mfsa2010-10.html
www.securityfocus.com/bid/38918
www.securityfocus.com/bid/38919
www.vupen.com/english/advisories/2010/0692
bugzilla.mozilla.org/show_bug.cgi?id=541530
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8602
Related
mozilla
mozilla
XSS via plugins and unprotected Location object — Mozilla
2010-03-23 00:00:00
ubuntucve
ubuntucve
CVE-2010-0170
2010-03-25 00:00:00
CVE-2011-2999
2011-09-28 00:00:00
cve
cve
CVE-2010-0170
2010-03-25 21:00:00
CVE-2011-2999
2011-09-29 00:55:01
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-10
2010-04-06 00:00:00
nvd
nvd
CVE-2010-0170
2010-03-25 21:00:00
CVE-2011-2999
2011-09-29 00:55:01
prion
prion
Cross site scripting
2010-03-25 21:00:00
Design/Logic Flaw
2011-09-29 00:55:00
seebug
seebug
Mozilla Firefox 3.6 window.location对象非授权数据访问漏洞
2010-03-24 00:00:00
cvelist
cvelist
CVE-2011-2999
2011-09-29 00:00:00
openvas
openvas
Firefox Multiple Vulnerabilities Mar-10 (Linux)
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities Mar-10 (Windows)
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities (Mar 2010) - Windows
2010-03-30 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : firefox (MDVSA-2011:139)
2011-10-03 00:00:00
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2011:140)
2011-10-03 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00