CVE-2009-0354 (retired)

Priority
Description
Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x
before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and
access the properties of an arbitrary window and conduct cross-site
scripting (XSS) attacks, via vectors involving a chrome XBL method and the
window.eval function.
Assigned-to
asac
Package
Upstream:not-affected
Package
Upstream:released (3.0.6)
Package
Upstream:not-affected
Package
Upstream:needs-triage
Package
Upstream:not-affected
Package
Upstream:not-affected
Package
Upstream:released (1.9.0.6)
More Information

Updated: 2019-03-26 11:47:00 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)