← voltar
CVE-2010-0178

CVE-2010-0178

EPSS 3.4%
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=546909http://secunia.com/advisories/39136http://secunia.com/advisories/39240http://secunia.com/advisories/39243http://secunia.com/advisories/39308http://secunia.com/advisories/39397http://securitytracker.com/id?1023776https://exchange.xforce.ibmcloud.com/vulnerabilities/57391https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10460https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6975http://ubuntu.com/usn/usn-921-1