Mozilla Firefox prior to 19.0, Firefox ESR 17.x prior to 17.0.3, Thunderbird prior to 17.0.3, Thunderbird ESR 17.x prior to 17.0.3, and SeaMonkey prior to 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla thunderbird esr |
||
mozilla thunderbird |
||
mozilla seamonkey |
||
mozilla firefox esr |
||
mozilla firefox |
||
opensuse opensuse 11.4 |
||
opensuse opensuse 12.2 |
||
opensuse opensuse 12.1 |
||
canonical ubuntu linux 11.10 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 10.04 |