The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-07-30T20:00:00
Updated: 2017-09-18T12:57:01
Reserved: 2010-03-30T00:00:00
Link: CVE-2010-1213
JSON object: View
NVD Information
Status : Modified
Published: 2010-07-30T20:30:01.583
Modified: 2017-09-19T01:30:37.220
Link: CVE-2010-1213
JSON object: View
Redhat Information
No data.
CWE