Mozilla Firefox prior to 37.0, Firefox ESR 31.x prior to 31.6, and Thunderbird prior to 31.6 allow remote malicious users to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox esr 31.2 |
||
mozilla firefox esr 31.3 |
||
mozilla firefox esr 31.0 |
||
mozilla firefox esr 31.1 |
||
mozilla firefox esr 31.5 |
||
mozilla firefox esr 31.5.1 |
||
mozilla firefox |
||
mozilla firefox esr |
||
mozilla firefox esr 31.3.0 |
||
mozilla firefox esr 31.4 |
||
mozilla firefox esr 31.1.0 |
||
mozilla firefox esr 31.1.1 |
||
mozilla firefox esr 31.5.2 |
||
mozilla thunderbird |