CVE-2010-0169

Priority
Medium
Description
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp
in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x
before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes
the case of certain strings in a stylesheet before adding this stylesheet
to the XUL cache, which might allow remote attackers to modify the
browser's font and other CSS attributes, and potentially disrupt rendering
of a web page, by forcing the browser to perform this erroneous stylesheet
caching.
References
Bugs
Assigned-to
chriscoulson
Package
Upstream:released (3.0.2)
Package
Upstream:released (1.9.1.9)
Package
Upstream:released (2.0.3)
Package
Upstream:released (3.6.2)
Package
Upstream:released (1.9.0.19)
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:37:42 UTC (commit 9756)