5 matches found
SUSE CVE-2012-3994
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting XSS attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and...
SUSE CVE-2015-5209
Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulate Struts internals, alter user sessions, or affect container settings via vectors involving a top object...
Cross site scripting
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting XSS attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and...
Mozilla: top object and location property accessible by plugins (MFSA 2012-82)
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting XSS attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and...
Mozilla: top object and location property accessible by plugins (MFSA 2012-82)
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting XSS attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and...