The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2006-02-02T23:00:00
Updated: 2018-10-19T14:57:01
Reserved: 2006-01-18T00:00:00
Link: CVE-2006-0299
JSON object: View
NVD Information
Status : Modified
Published: 2006-02-02T23:06:00.000
Modified: 2018-10-19T15:44:08.187
Link: CVE-2006-0299
JSON object: View
Redhat Information
No data.
CWE