Mozilla Firefox 4.x through 5, Thunderbird prior to 6, SeaMonkey 2.x prior to 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote malicious users to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 4.0 |
||
mozilla firefox 4.0.1 |
||
mozilla firefox 5.0 |
||
mozilla thunderbird 2.0.0.1 |
||
mozilla thunderbird 1.5.0.8 |
||
mozilla thunderbird 1.5.2 |
||
mozilla thunderbird 1.5.1 |
||
mozilla thunderbird 3.0.1 |
||
mozilla thunderbird 1.0.6 |
||
mozilla thunderbird 3.0.8 |
||
mozilla thunderbird 1.0.4 |
||
mozilla thunderbird 1.5.0.4 |
||
mozilla thunderbird 3.1.6 |
||
mozilla thunderbird 1.5.0.11 |
||
mozilla thunderbird 1.5.0.2 |
||
mozilla thunderbird 2.0.0.21 |
||
mozilla thunderbird 3.0.10 |
||
mozilla thunderbird 2.0.0.23 |
||
mozilla thunderbird 1.7.1 |
||
mozilla thunderbird 0.7.1 |
||
mozilla thunderbird 2.0.0.6 |
||
mozilla thunderbird 0.2 |
||
mozilla thunderbird 0.5 |
||
mozilla thunderbird 2.0.0.2 |
||
mozilla thunderbird 1.5.0.9 |
||
mozilla thunderbird 2.0.0.4 |
||
mozilla thunderbird 3.0.3 |
||
mozilla thunderbird 1.0.2 |
||
mozilla thunderbird 1.0.3 |
||
mozilla thunderbird 3.1.7 |
||
mozilla thunderbird 3.1.3 |
||
mozilla thunderbird 3.0.11 |
||
mozilla thunderbird 3.0.9 |
||
mozilla thunderbird 1.5.0.10 |
||
mozilla thunderbird 2.0.0.7 |
||
mozilla thunderbird 2.0 |
||
mozilla thunderbird 2.0.0.22 |
||
mozilla thunderbird 2.0.0.9 |
||
mozilla thunderbird 0.7.3 |
||
mozilla thunderbird 0.7 |
||
mozilla thunderbird 0.9 |
||
mozilla thunderbird 0.1 |
||
mozilla thunderbird |
||
mozilla thunderbird 2.0.0.3 |
||
mozilla thunderbird 3.0.5 |
||
mozilla thunderbird 2.0.0.5 |
||
mozilla thunderbird 3.0.2 |
||
mozilla thunderbird 1.5 |
||
mozilla thunderbird 2.0.0.8 |
||
mozilla thunderbird 3.1.4 |
||
mozilla thunderbird 1.5.0.3 |
||
mozilla thunderbird 3.1.5 |
||
mozilla thunderbird 1.5.0.1 |
||
mozilla thunderbird 3.1.1 |
||
mozilla thunderbird 3.1 |
||
mozilla thunderbird 2.0.0.17 |
||
mozilla thunderbird 1.5.0.12 |
||
mozilla thunderbird 1.5.0.5 |
||
mozilla thunderbird 1.5.0.14 |
||
mozilla thunderbird 0.7.2 |
||
mozilla thunderbird 1.0.1 |
||
mozilla thunderbird 0.8 |
||
mozilla thunderbird 0.4 |
||
mozilla thunderbird 3.0.4 |
||
mozilla thunderbird 2.0.0.18 |
||
mozilla thunderbird 2.0.0.0 |
||
mozilla thunderbird 3.0 |
||
mozilla thunderbird 2.0.0.19 |
||
mozilla thunderbird 2.0.0.12 |
||
mozilla thunderbird 1.0.7 |
||
mozilla thunderbird 1.0.8 |
||
mozilla thunderbird 3.0.7 |
||
mozilla thunderbird 1.0.5 |
||
mozilla thunderbird 1.5.0.6 |
||
mozilla thunderbird 1.5.0.7 |
||
mozilla thunderbird 3.1.2 |
||
mozilla thunderbird 3.0.6 |
||
mozilla thunderbird 2.0.0.16 |
||
mozilla thunderbird 2.0.0.14 |
||
mozilla thunderbird 1.7.3 |
||
mozilla thunderbird 1.5.0.13 |
||
mozilla thunderbird 1.0 |
||
mozilla thunderbird 0.6 |
||
mozilla thunderbird 0.3 |
||
mozilla seamonkey 1.1.19 |
||
mozilla seamonkey 1.1.18 |
||
mozilla seamonkey 2.1 |
||
mozilla seamonkey 1.1.14 |
||
mozilla seamonkey 2.0.2 |
||
mozilla seamonkey 2.0.10 |
||
mozilla seamonkey 1.0 |
||
mozilla seamonkey 2.0.3 |
||
mozilla seamonkey 1.0.9 |
||
mozilla seamonkey 1.5.0.10 |
||
mozilla seamonkey 1.1.3 |
||
mozilla seamonkey 1.1.2 |
||
mozilla seamonkey 1.1 |
||
mozilla seamonkey 2.0 |
||
mozilla seamonkey 1.0.2 |
||
mozilla seamonkey 2.0.11 |
||
mozilla seamonkey 1.1.7 |
||
mozilla seamonkey 2.0.6 |
||
mozilla seamonkey 2.0.5 |
||
mozilla seamonkey 1.1.12 |
||
mozilla seamonkey 1.5.0.8 |
||
mozilla seamonkey 1.5.0.9 |
||
mozilla seamonkey 2.0.4 |
||
mozilla seamonkey 1.0.6 |
||
mozilla seamonkey 1.0.3 |
||
mozilla seamonkey 2.0.7 |
||
mozilla seamonkey 1.1.17 |
||
mozilla seamonkey 1.1.16 |
||
mozilla seamonkey 1.1.1 |
||
mozilla seamonkey 1.1.6 |
||
mozilla seamonkey 1.1.9 |
||
mozilla seamonkey 1.1.4 |
||
mozilla seamonkey 1.1.5 |
||
mozilla seamonkey 1.0.7 |
||
mozilla seamonkey 1.0.1 |
||
mozilla seamonkey 1.0.4 |
||
mozilla seamonkey 1.1.8 |
||
mozilla seamonkey 2.0.8 |
||
mozilla seamonkey 2.0.9 |
||
mozilla seamonkey 1.1.15 |
||
mozilla seamonkey 2.0.1 |
||
mozilla seamonkey 1.1.11 |
||
mozilla seamonkey 1.1.10 |
||
mozilla seamonkey 1.0.8 |
||
mozilla seamonkey 1.1.13 |
||
mozilla seamonkey 1.0.5 |