Firefox prior to 1.0.5 allows remote malicious users to steal sensitive information by opening a malicious link in the Firefox sidebar using the _search target, then injecting script into other pages via a data: URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 0.9 |
||
mozilla firefox 0.9.1 |
||
mozilla firefox 1.0.3 |
||
mozilla firefox 1.0.4 |
||
mozilla firefox 0.10 |
||
mozilla firefox 1.0 |
||
mozilla firefox 0.9.2 |
||
mozilla firefox 0.9.3 |
||
mozilla firefox 0.10.1 |
||
mozilla firefox 0.8 |
||
mozilla firefox 1.0.1 |
||
mozilla firefox 1.0.2 |