Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-03-25T20:31:00
Updated: 2017-09-18T12:57:01
Reserved: 2010-01-06T00:00:00
Link: CVE-2010-0170
JSON object: View
NVD Information
Status : Modified
Published: 2010-03-25T21:00:00.563
Modified: 2017-09-19T01:30:15.437
Link: CVE-2010-0170
JSON object: View
Redhat Information
No data.
CWE