Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, and SeaMonkey prior to 1.1.12, allow user-assisted remote malicious users to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
mozilla seamonkey |
||
debian debian linux 4.0 |
||
canonical ubuntu linux 6.06 |
||
canonical ubuntu linux 7.04 |
||
canonical ubuntu linux 7.10 |
||
canonical ubuntu linux 8.04 |