QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-0179

Back to search

CVE-2010-0179

Published: Apr 5, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response.

VendorProductVersions

n/a

n/a

affected
n/a

References

SUSE-SA:2011:003
vendor-advisory
x_refsource_SUSE
MDVSA-2010:251
vendor-advisory
x_refsource_MANDRIVA
39397
third-party-advisory
x_refsource_SECUNIA
39308
third-party-advisory
x_refsource_SECUNIA
42818
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:6971
vdb-entry
signature
x_refsource_OVAL
ADV-2010-0781
vdb-entry
x_refsource_VUPEN
USN-921-1
vendor-advisory
x_refsource_UBUNTU
39124
vdb-entry
x_refsource_BID
SUSE-SR:2010:013
vendor-advisory
x_refsource_SUSE
ADV-2010-0764
vdb-entry
x_refsource_VUPEN
ADV-2011-0030
vdb-entry
x_refsource_VUPEN
MDVSA-2010:070
vendor-advisory
x_refsource_MANDRIVA
oval:org.mitre.oval:def:9446
vdb-entry
signature
x_refsource_OVAL
39243
third-party-advisory
x_refsource_SECUNIA
ADV-2010-0748
vdb-entry
x_refsource_VUPEN
ADV-2010-0849
vdb-entry
x_refsource_VUPEN
1023783
vdb-entry
x_refsource_SECTRACK
DSA-2027
vendor-advisory
x_refsource_DEBIAN
3924
third-party-advisory
x_refsource_SECUNIA
RHSA-2010:0332
vendor-advisory
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now