Reflected cross-site scripting (XSS) In xulrunner
Description
Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown vectors related to restoration of SessionStore data.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 rpm rhel5 | 0:1.9.0.5-1.el5_2 | ||
rpm rhel5 | 0:4.7.3-2.el5 | ||
rpm rhel5 | 0:3.0.5-1.el5_2 | ||
rpm rhel5 | 0:2.0.0.19-1.el5_2 | ||
rpm rhel5 | 0:3.12.2.0-2.el5 |
Aliases
1. 2. 3.