Mozilla prior to 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla mozilla 0.9.2 |
||
mozilla mozilla 0.9.2.1 |
||
mozilla mozilla 0.9.6 |
||
mozilla mozilla 0.9.7 |
||
mozilla mozilla 1.0 |
||
mozilla mozilla 1.1 |
||
mozilla mozilla 1.3.1 |
||
mozilla mozilla 1.4 |
||
mozilla mozilla 0.9.4 |
||
mozilla mozilla 0.9.4.1 |
||
mozilla mozilla 1.0.1 |
||
mozilla mozilla 1.2.1 |
||
mozilla mozilla 1.2 |
||
mozilla mozilla 1.5 |
||
mozilla mozilla 0.8 |
||
mozilla mozilla 0.9.48 |
||
mozilla mozilla 0.9.5 |
||
mozilla mozilla 1.0.2 |
||
mozilla mozilla 1.3 |
||
mozilla mozilla 0.9.3 |
||
mozilla mozilla 0.9.35 |
||
mozilla mozilla 0.9.8 |
||
mozilla mozilla 0.9.9 |
||
mozilla mozilla 1.4.1 |