The session restore feature in Mozilla Firefox 3.x prior to 3.0.4 and 2.x prior to 2.0.0.18 allows remote malicious users to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
debian debian linux 4.0 |
||
canonical ubuntu linux 6.06 |
||
canonical ubuntu linux 7.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 8.10 |