- Home
- CVEs with nessus.description==The installed version of Firefox 3.0 is earlier than 3.0.5. Such versions are potentially affected by the following security issues :
- There are several stability bugs in the browser engine that may lead to crashes with evidence of memory corruption. (MFSA 2008-60)
- The 'persist' attribute in XUL elements can be used to store cookie-like information on a user's computer.
(MFSA 2008-63)
- Sensitive data may be disclosed in an XHR response when an XMLHttpRequest is made to a same-origin resource, which 302 redirects to a resource in a different domain. (MFSA 2008-64)
- A website may be able to access a limited amount of data from a different domain by loading a same-domain JavaScript URL that redirects to an off-domain target resource containing data which is not parsable as JavaScript. (MFSA 2008-65)
- Errors arise when parsing URLs with leading whitespace and control characters. (MFSA 2008-66)
- An escaped null byte is ignored by the CSS parser and treated as if it was not present in the CSS input string. (MFSA 2008-67)
- XSS and JavaScript privilege escalation are possible.
(MFSA 2008-68)
- XSS vulnerabilities in SessionStore may allow for violating the browser's same-origin policy and performing an XSS attack or running arbitrary JavaScript with chrome privileges. (MFSA 2008-69)
- Creating a Select object with a very large length can result in memory exhaustion, causing a denial of service. (CVE-2009-2535)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top