dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-07-29T18:00:00
Updated: 2017-09-18T12:57:01
Reserved: 2010-07-14T00:00:00
Link: CVE-2010-2754
JSON object: View
NVD Information
Status : Modified
Published: 2010-07-30T13:26:18.787
Modified: 2017-09-19T01:31:06.877
Link: CVE-2010-2754
JSON object: View
Redhat Information
No data.
CWE