Lucene search
Mozilla FoundationMFSA2010-63HistorySep 07, 2010 - 12:00 a.m.
Information leak via XMLHttpRequest statusText — Mozilla
2010-09-0700:00:00
Mozilla Foundation
www.mozilla.org
18
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.012 Low
EPSS
Percentile
85.1%
Matt Haggard reported that the statusText property of an XMLHttpRequest object is readable by the requestor even when the request is made across origins. This status information reveals the presence of a web server and could be used to gather information about servers on internal private networks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 3.5.12 | |
| firefox | lt | 3.6.9 | |
| seamonkey | lt | 2.0.7 | |
| thunderbird | lt | 3.0.7 | |
| thunderbird | lt | 3.1.3 |
Related
veracode
veracode
Information Disclosure
2020-04-10 00:48:09
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-63
2010-09-10 00:00:00
Mozilla Firefox / Thunderbird / SeaMonkey multiple security vulnerabilities
2010-09-16 00:00:00
prion
prion
Cross site scripting
2010-09-09 19:00:00
cve
cve
CVE-2010-2764
2010-09-09 19:00:00
ubuntucve
ubuntucve
CVE-2010-2764
2010-09-07 00:00:00
openvas
openvas
Mozilla Products Multiple Vulnerabilities (MFSA2010-51, MFSA2010-54, MFSA2010-56, MFSA2010-57) - Windows
2010-09-10 00:00:00
Fedora Update for galeon FEDORA-2010-14362
2010-09-10 00:00:00
RedHat Update for firefox RHSA-2010:0681-01
2010-09-10 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: mozvoikko-1.0-12.fc12
2010-09-09 01:23:44
[SECURITY] Fedora 12 Update: xulrunner-1.9.1.12-1.fc12
2010-09-09 01:23:44
[SECURITY] Fedora 12 Update: gnome-web-photo-0.9-9.fc12
2010-09-09 01:23:44
nessus
nessus
Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
Ubuntu 10.04 LTS : thunderbird regression (USN-978-2)
2010-09-17 00:00:00
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-09-08 00:00:00
Thunderbird regression
2010-09-16 00:00:00
Thunderbird vulnerabilities
2010-09-08 00:00:00
centos
centos
firefox, nspr, nss, xulrunner security update
2010-09-08 22:50:48
oraclelinux
oraclelinux
firefox security update
2010-09-08 00:00:00
redhat
redhat
(RHSA-2010:0681) Critical: firefox security update
2010-09-07 00:00:00
debian
debian
BSA-002 Security Update for iceweasel
2010-09-29 06:47:13
BSA-002 Security Update for iceweasel
2010-09-29 06:47:29
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-09-07 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2010-10-12 16:13:47
remote code execution in MozillaFirefox,seamonkey,MozillaThunderbird
2010-11-08 11:27:17
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.012 Low
EPSS
Percentile
85.1%
Related for MFSA2010-63