Mozilla Firefox prior to 1.8.0.13 and 1.8.1.x prior to 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote malicious users to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 1.0 |
||
mozilla firefox 1.0.1 |
||
mozilla firefox 1.0.8 |
||
mozilla firefox 1.5 |
||
mozilla firefox 1.5.0.5 |
||
mozilla firefox 1.5.0.6 |
||
mozilla firefox 1.0.2 |
||
mozilla firefox 1.0.3 |
||
mozilla firefox 1.5.0.1 |
||
mozilla firefox 1.5.0.10 |
||
mozilla firefox 1.5.0.11 |
||
mozilla firefox 1.0.6 |
||
mozilla firefox 1.0.7 |
||
mozilla firefox 1.5.0.3 |
||
mozilla firefox 1.5.0.4 |
||
mozilla firefox 1.5.2 |
||
mozilla firefox 1.5.3 |
||
mozilla firefox 1.5.0.7 |
||
mozilla firefox 1.5.0.8 |
||
mozilla firefox 1.5.6 |
||
mozilla firefox 1.5.7 |
||
mozilla firefox 1.5.4 |
||
mozilla firefox 1.5.5 |
||
mozilla firefox 1.0.4 |
||
mozilla firefox 1.0.5 |
||
mozilla firefox 1.5.0.12 |
||
mozilla firefox 1.5.0.2 |
||
mozilla firefox 1.5.0.9 |
||
mozilla firefox 1.5.1 |
||
mozilla firefox 1.5.8 |
||
mozilla firefox 1.8 |