The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox prior to 3.5.17 and 3.6.x prior to 3.6.14, Thunderbird prior to 3.1.8, and SeaMonkey prior to 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote malicious users to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 3.6.4 |
||
mozilla firefox 3.6.6 |
||
mozilla firefox 3.6.13 |
||
mozilla firefox 3.6.2 |
||
mozilla firefox 3.6.3 |
||
mozilla firefox 3.6.11 |
||
mozilla firefox 3.6.12 |
||
mozilla firefox 3.6.8 |
||
mozilla firefox 3.6.10 |
||
mozilla firefox 3.6.9 |
||
mozilla firefox 3.6.7 |
||
mozilla firefox 3.6 |
||
mozilla seamonkey 1.0.6 |
||
mozilla seamonkey 1.0.7 |
||
mozilla seamonkey 1.0 |
||
mozilla seamonkey 1.1.11 |
||
mozilla seamonkey 1.1.19 |
||
mozilla seamonkey 1.1.2 |
||
mozilla seamonkey 1.1.9 |
||
mozilla seamonkey 1.1 |
||
mozilla seamonkey 2.0.2 |
||
mozilla seamonkey 2.0.3 |
||
mozilla seamonkey 2.0 |
||
mozilla seamonkey 2.0.5 |
||
mozilla seamonkey 1.0.4 |
||
mozilla seamonkey 1.0.5 |
||
mozilla seamonkey 1.1.10 |
||
mozilla seamonkey 1.1.17 |
||
mozilla seamonkey 1.1.18 |
||
mozilla seamonkey 1.1.7 |
||
mozilla seamonkey 1.1.8 |
||
mozilla seamonkey 2.0.1 |
||
mozilla seamonkey 2.0.10 |
||
mozilla seamonkey |
||
mozilla seamonkey 1.0.2 |
||
mozilla seamonkey 1.0.3 |
||
mozilla seamonkey 1.1.1 |
||
mozilla seamonkey 1.1.15 |
||
mozilla seamonkey 1.1.16 |
||
mozilla seamonkey 1.1.5 |
||
mozilla seamonkey 1.1.6 |
||
mozilla seamonkey 1.5.0.8 |
||
mozilla seamonkey 1.5.0.9 |
||
mozilla seamonkey 2.0.8 |
||
mozilla seamonkey 2.0.9 |
||
mozilla seamonkey 1.0.1 |
||
mozilla seamonkey 1.0.8 |
||
mozilla seamonkey 1.0.9 |
||
mozilla seamonkey 1.1.12 |
||
mozilla seamonkey 1.1.13 |
||
mozilla seamonkey 1.1.14 |
||
mozilla seamonkey 1.1.3 |
||
mozilla seamonkey 1.1.4 |
||
mozilla seamonkey 1.5.0.10 |
||
mozilla seamonkey 2.0.4 |
||
mozilla seamonkey 2.0.6 |
||
mozilla seamonkey 2.0.7 |
||
mozilla firefox 3.5.6 |
||
mozilla firefox 3.5.7 |
||
mozilla firefox 3.0.14 |
||
mozilla firefox 3.0.13 |
||
mozilla firefox 3.0.6 |
||
mozilla firefox 3.0.5 |
||
mozilla firefox 2.0.0.12 |
||
mozilla firefox 2.0.0.19 |
||
mozilla firefox 2.0.0.20 |
||
mozilla firefox 2.0.0.15 |
||
mozilla firefox 2.0.0.13 |
||
mozilla firefox 2.0.0.3 |
||
mozilla firefox 2.0.0.2 |
||
mozilla firefox 1.5.0.12 |
||
mozilla firefox 1.5.0.1 |
||
mozilla firefox 1.5.0.8 |
||
mozilla firefox 1.5.0.9 |
||
mozilla firefox 1.5.5 |
||
mozilla firefox 1.0.1 |
||
mozilla firefox 1.0.8 |
||
mozilla firefox 1.0 |
||
mozilla firefox 3.5.4 |
||
mozilla firefox 3.5.5 |
||
mozilla firefox 3.0.16 |
||
mozilla firefox 3.0.15 |
||
mozilla firefox 3.0.8 |
||
mozilla firefox 3.0.7 |
||
mozilla firefox 3.0 |
||
mozilla firefox 2.0.0.14 |
||
mozilla firefox 2.0.0.16 |
||
mozilla firefox 2.0.0.11 |
||
mozilla firefox 2.0.0.5 |
||
mozilla firefox 2.0.0.4 |
||
mozilla firefox 1.5.0.2 |
||
mozilla firefox 1.5.0.3 |
||
mozilla firefox 1.5.0.11 |
||
mozilla firefox 1.5.1 |
||
mozilla firefox 1.5.2 |
||
mozilla firefox 1.5.7 |
||
mozilla firefox 1.5.6 |
||
mozilla firefox 1.0.4 |
||
mozilla firefox 1.0.7 |
||
mozilla firefox 1.0.6 |
||
mozilla firefox 3.5.15 |
||
mozilla firefox |
||
mozilla firefox 3.5.1 |
||
mozilla firefox 3.5.10 |
||
mozilla firefox 3.5.9 |
||
mozilla firefox 3.5.8 |
||
mozilla firefox 3.0.12 |
||
mozilla firefox 3.0.11 |
||
mozilla firefox 3.0.4 |
||
mozilla firefox 3.0.3 |
||
mozilla firefox 2.0.0.8 |
||
mozilla firefox 2.0.0.9 |
||
mozilla firefox 2.0.0.7 |
||
mozilla firefox 2.0 |
||
mozilla firefox 2.0.0.1 |
||
mozilla firefox 1.5 |
||
mozilla firefox 1.5.0.10 |
||
mozilla firefox 1.5.0.6 |
||
mozilla firefox 1.5.0.7 |
||
mozilla firefox 1.0.3 |
||
mozilla firefox 3.5.11 |
||
mozilla firefox 3.5.12 |
||
mozilla firefox 3.5.2 |
||
mozilla firefox 3.5.3 |
||
mozilla firefox 3.5 |
||
mozilla firefox 3.0.17 |
||
mozilla firefox 3.0.10 |
||
mozilla firefox 3.0.9 |
||
mozilla firefox 3.0.2 |
||
mozilla firefox 3.0.1 |
||
mozilla firefox 2.0.0.17 |
||
mozilla firefox 2.0.0.10 |
||
mozilla firefox 2.0.0.18 |
||
mozilla firefox 2.0.0.6 |
||
mozilla firefox 1.5.0.4 |
||
mozilla firefox 1.5.0.5 |
||
mozilla firefox 1.5.3 |
||
mozilla firefox 1.5.4 |
||
mozilla firefox 1.5.8 |
||
mozilla firefox 1.0.2 |
||
mozilla firefox 1.0.5 |
||
mozilla firefox 3.5.13 |
||
mozilla firefox 3.5.14 |
||
mozilla thunderbird 3.0.9 |
||
mozilla thunderbird 3.0.7 |
||
mozilla thunderbird 3.0.6 |
||
mozilla thunderbird 2.0.0.5 |
||
mozilla thunderbird 2.0.0.4 |
||
mozilla thunderbird 2.0.0.17 |
||
mozilla thunderbird 2.0.0.22 |
||
mozilla thunderbird 1.5.2 |
||
mozilla thunderbird 1.5.1 |
||
mozilla thunderbird 1.0.5 |
||
mozilla thunderbird 1.5.0.3 |
||
mozilla thunderbird 3.0.1 |
||
mozilla thunderbird 3.0.8 |
||
mozilla thunderbird 2.0.0.19 |
||
mozilla thunderbird 2.0.0.12 |
||
mozilla thunderbird 2.0.0.16 |
||
mozilla thunderbird 2.0.0.14 |
||
mozilla thunderbird 1.5.0.9 |
||
mozilla thunderbird 1.5.0.8 |
||
mozilla thunderbird 1.0.3 |
||
mozilla thunderbird 1.0.4 |
||
mozilla thunderbird 1.5.0.10 |
||
mozilla thunderbird 1.5.0.11 |
||
mozilla thunderbird 1.5.0.14 |
||
mozilla thunderbird 1.5 |
||
mozilla thunderbird 0.9 |
||
mozilla thunderbird 0.1 |
||
mozilla thunderbird 3.1.1 |
||
mozilla thunderbird 3.1.2 |
||
mozilla thunderbird 3.0.11 |
||
mozilla thunderbird 3.0 |
||
mozilla thunderbird 3.0.5 |
||
mozilla thunderbird 3.0.4 |
||
mozilla thunderbird 2.0.0.1 |
||
mozilla thunderbird 2.0.0.8 |
||
mozilla thunderbird 2.0.0.7 |
||
mozilla thunderbird 2.0.0.9 |
||
mozilla thunderbird 2.0.0.23 |
||
mozilla thunderbird 1.0.6 |
||
mozilla thunderbird 1.0.7 |
||
mozilla thunderbird 1.0.8 |
||
mozilla thunderbird 1.5.0.4 |
||
mozilla thunderbird 1.5.0.6 |
||
mozilla thunderbird 1.5.0.5 |
||
mozilla thunderbird 1.7.1 |
||
mozilla thunderbird 0.7.3 |
||
mozilla thunderbird 0.7 |
||
mozilla thunderbird 0.6 |
||
mozilla thunderbird 0.3 |
||
mozilla thunderbird 3.1.5 |
||
mozilla thunderbird 3.1.6 |
||
mozilla thunderbird 1.5.0.2 |
||
mozilla thunderbird 1.5.0.12 |
||
mozilla thunderbird 1.0 |
||
mozilla thunderbird 1.0.1 |
||
mozilla thunderbird 0.7.2 |
||
mozilla thunderbird 0.2 |
||
mozilla thunderbird 0.5 |
||
mozilla thunderbird 3.1.3 |
||
mozilla thunderbird 3.1.4 |
||
mozilla thunderbird 3.0.2 |
||
mozilla thunderbird 3.0.3 |
||
mozilla thunderbird 2.0.0.0 |
||
mozilla thunderbird 2.0.0.3 |
||
mozilla thunderbird 2.0.0.2 |
||
mozilla thunderbird 2.0 |
||
mozilla thunderbird 2.0.0.21 |
||
mozilla thunderbird 2.0.0.6 |
||
mozilla thunderbird 2.0.0.18 |
||
mozilla thunderbird 1.0.2 |
||
mozilla thunderbird 1.5.0.7 |
||
mozilla thunderbird 1.5.0.1 |
||
mozilla thunderbird 1.7.3 |
||
mozilla thunderbird 1.5.0.13 |
||
mozilla thunderbird 0.7.1 |
||
mozilla thunderbird 0.8 |
||
mozilla thunderbird 0.4 |
||
mozilla thunderbird 3.1 |
||
mozilla thunderbird |
||
mozilla thunderbird 3.0.10 |