CVE-2009-2472

Priority
Description
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper
when required during object construction, which allows remote attackers to
bypass the Same Origin Policy and conduct cross-site scripting (XSS)
attacks via a crafted document, related to a "cross origin wrapper bypass."
Notes
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-12-05 20:53:30 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)