CVE-2009-3985 (retired)

Priority
Description
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before
2.0.1, allows remote attackers to associate spoofed content with an invalid
URL by setting document.location to this URL, and then writing arbitrary
web script or HTML to the associated blank document, a related issue to
CVE-2009-2654.
Package
Upstream:needs-triage
Package
Upstream:released (2.0.1)
Package
Upstream:released (1.9.0.16)
Package
Upstream:needs-triage
More Information

Updated: 2019-09-19 15:19:50 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)