Lucene search
Ubuntu.comUB:CVE-2010-0170HistoryMar 25, 2010 - 12:00 a.m.
CVE-2010-0170
2010-03-2500:00:00
ubuntu.com
ubuntu.com
13
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
67.9%
Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected
window.location protection mechanism, which might allow remote attackers to
bypass the Same Origin Policy and conduct cross-site scripting (XSS)
attacks via vectors that are specific to each affected plugin.
Bugs
Related
prion
prion
Cross site scripting
2010-03-25 21:00:00
Design/Logic Flaw
2011-09-29 00:55:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-10
2010-04-06 00:00:00
cve
cve
CVE-2010-0170
2010-03-25 21:00:00
CVE-2011-2999
2011-09-29 00:55:00
mozilla
mozilla
XSS via plugins and unprotected Location object — Mozilla
2010-03-23 00:00:00
seebug
seebug
Mozilla Firefox 3.6 window.location对象非授权数据访问漏洞
2010-03-24 00:00:00
ubuntucve
ubuntucve
CVE-2011-2999
2011-09-28 00:00:00
openvas
openvas
Firefox Multiple Vulnerabilities Mar-10 (Windows)
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities Mar-10 (Linux)
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities (Mar 2010) - Windows
2010-03-30 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2011:140)
2011-10-03 00:00:00
Mandriva Linux Security Advisory : firefox (MDVSA-2011:139)
2011-10-03 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
67.9%
Related for UB:CVE-2010-0170