Mozilla Firefox prior to 2.0.0.12, Thunderbird prior to 2.0.0.12, and SeaMonkey prior to 1.1.8 allows remote malicious users to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla thunderbird |
||
mozilla seamonkey |
||
mozilla firefox |