Mozilla Firefox prior to 2.0.0.15 and SeaMonkey prior to 1.1.10 do not properly implement JAR signing, which allows remote malicious users to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 2.0.0.12 |
||
mozilla firefox 2.0.0.13 |
||
mozilla firefox 2.0.0.9 |
||
mozilla seamonkey 1.1 |
||
mozilla seamonkey 1.1.8 |
||
mozilla firefox |
||
mozilla firefox 2.0.0.10 |
||
mozilla firefox 2.0.0.11 |
||
mozilla firefox 2.0.0.7 |
||
mozilla firefox 2.0.0.8 |
||
mozilla seamonkey 1.1.6 |
||
mozilla seamonkey 1.1.7 |
||
mozilla firefox 2.0.0.2 |
||
mozilla firefox 2.0.0.3 |
||
mozilla firefox 2.0.0.4 |
||
mozilla seamonkey 1.1.2 |
||
mozilla seamonkey 1.1.3 |
||
mozilla seamonkey |
||
mozilla firefox 2.0 |
||
mozilla firefox 2.0.0.1 |
||
mozilla firefox 2.0.0.5 |
||
mozilla firefox 2.0.0.6 |
||
mozilla seamonkey 1.1.4 |
||
mozilla seamonkey 1.1.5 |