Mozilla Firefox 2.x prior to 2.0.0.1, 1.5.x prior to 1.5.0.9, Thunderbird prior to 1.5.0.9, and SeaMonkey prior to 1.0.7 allows remote malicious users to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
mozilla seamonkey |
||
mozilla thunderbird |
||
debian debian linux 4.0 |
||
debian debian linux 3.1 |
||
canonical ubuntu linux 6.06 |
||
canonical ubuntu linux 6.10 |
||
canonical ubuntu linux 5.10 |