Mozilla Firefox 1.5.x prior to 1.5.0.12 and 2.x prior to 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote malicious users to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 1.5.0.4 |
||
mozilla firefox 1.5.0.5 |
||
mozilla firefox 2.0.0.2 |
||
mozilla firefox 2.0.0.3 |
||
mozilla seamonkey 1.0.9 |
||
mozilla firefox 1.5.0.2 |
||
mozilla firefox 1.5.0.3 |
||
mozilla firefox 2.0 |
||
mozilla firefox 2.0.0.1 |
||
mozilla firefox 1.5.0.10 |
||
mozilla firefox 1.5.0.11 |
||
mozilla firefox 1.5.0.8 |
||
mozilla firefox 1.5.0.9 |
||
mozilla firefox 1.5 |
||
mozilla firefox 1.5.0.1 |
||
mozilla firefox 1.5.0.6 |
||
mozilla firefox 1.5.0.7 |
||
mozilla seamonkey 1.1.2 |