FLAT-QL982 – Vulnerability | Fluid Attacks Database

Database

Description

content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel5	nspr	<0:4.7.6-1.el5_4	0:4.7.6-1.el5_4
rpm rhel5	firefox	<0:3.0.15-3.el5_4	0:3.0.15-3.el5_4
rpm rhel5	xulrunner	<0:1.9.0.15-3.el5_4	0:1.9.0.15-3.el5_4

Aliases

1. CVE-2009-33752. NVD-2009-33753. OSV-2009-3375