CVE-2010-3177
CVE-2010-3177
Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefoxhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=556734http://secunia.com/advisories/42867https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12202http://support.avaya.com/css/P8/documents/100114250http://support.avaya.com/css/P8/documents/100120156http://www.debian.org/security/2010/dsa-2124http://www.mandriva.com/security/advisories?name=MDVSA-2010:210http://www.mozilla.org/security/announce/2010/mfsa2010-68.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0781.html