The drag-and-drop implementation in Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 allows remote malicious users to spoof the address bar by canceling a page load.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 4.0 |
||
mozilla firefox 8.0 |
||
mozilla firefox 8.0.1 |
||
mozilla firefox 7.0.1 |
||
mozilla firefox 7.0 |
||
mozilla firefox 12.0 |
||
mozilla firefox 13.0 |
||
mozilla firefox 5.0 |
||
mozilla firefox 5.0.1 |
||
mozilla firefox 6.0 |
||
mozilla firefox 9.0.1 |
||
mozilla firefox 9.0 |
||
mozilla firefox 4.0.1 |
||
mozilla firefox 6.0.2 |
||
mozilla firefox 6.0.1 |
||
mozilla firefox 11.0 |
||
mozilla firefox esr 10.0.1 |
||
mozilla firefox esr 10.0.5 |
||
mozilla firefox esr 10.0.2 |
||
mozilla firefox esr 10.0.3 |
||
mozilla firefox esr 10.0.4 |
||
mozilla firefox esr 10.0 |