CVE-2007-0780

Priority
Untriaged
Description
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2,
and SeaMonkey before 1.0.8 uses the requesting URI to identify child
windows, which allows remote attackers to conduct cross-site scripting
(XSS) attacks by opening a blocked popup originating from a javascript: URI
in combination with multiple frames having the same data: URI.
References
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (0.1.6b-0ubuntu2)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (1.8.0.10-3ubuntu1)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (0.5-0ubuntu4)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):not-affected
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:17:40 UTC (commit 5347)