CVE-2013-0795 (retired)

Priority
Description
The System Only Wrapper (SOW) implementation in Mozilla Firefox before
20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5,
Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not
prevent use of the cloneNode method for cloning a protected node, which
allows remote attackers to bypass the Same Origin Policy or possibly
execute arbitrary JavaScript code with chrome privileges via a crafted web
site.
Notes
 jdstrand> xulrunner-1.9.2 unmaintained upstream (see README.mozilla for
  details)
Assigned-to
chrisccoulson
Package
Upstream:released (20.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (20.0+build1-0ubuntu1)
Package
Upstream:pending (2.17)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Priority: Low
Upstream:released (17.0.5)
Ubuntu 14.04 LTS (Trusty Tahr):released (17.0.5+build1-0ubuntu1)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-03-26 12:06:20 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)