Mozilla Firefox prior to 3.6 Beta 3 does not properly handle overlong UTF-8 encoding, which makes it easier for remote malicious users to bypass cross-site scripting (XSS) protection mechanisms via a crafted string, a different vulnerability than CVE-2010-1210.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
mozilla firefox 3.6 |