The Chrome Object Wrapper (COW) implementation in Mozilla Firefox prior to 34.0 and SeaMonkey prior to 2.31 supports native-interface passing, which allows remote malicious users to bypass intended DOM object restrictions via a call to an unspecified method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla seamonkey |
||
mozilla firefox |