CVE-2009-3988

Priority
Description
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey
before 2.0.3, does not properly restrict read access to object properties
in showModalDialog, which allows remote attackers to bypass the Same Origin
Policy and conduct cross-site scripting (XSS) attacks via crafted
dialogArguments values.
Assigned-to
asac
Notes
Package
Upstream:released (3.6)
Package
Priority: Negligible
Upstream:needs-triage
Package
Upstream:released (2.0.3)
Package
Priority: Negligible
Upstream:released (3.0.2)
Package
Upstream:released (1.9.0.18)
Package
Upstream:released (1.9.1.8)
More Information

Updated: 2020-09-10 01:33:03 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)