1. Home
  2. CVEs with oval.description==Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.
Max CVSS 6.8 Min CVSS 6.8 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2010-3771 6.8
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome priv
19-09-2017 - 01:31 10-12-2010 - 19:00
Back to Top Mark selected
Back to Top