Lucene search

K

RedhatCVELIST:CVE-2006-0299

HistoryFeb 02, 2006 - 11:00 p.m.

CVE-2006-0299

2006-02-0223:00:00

redhat

www.cve.org

7

AI Score

5.9

Confidence

Low

EPSS

0.17

Percentile

96.1%

The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal “AnyName” object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.

References

secunia.com/advisories/18700

secunia.com/advisories/18704

secunia.com/advisories/22065

securitytracker.com/id?1015570

www.mozilla.org/security/announce/2006/mfsa2006-08.html

www.securityfocus.com/archive/1/446657/100/200/threaded

www.securityfocus.com/bid/16476

www.vupen.com/english/advisories/2006/0413

www.vupen.com/english/advisories/2006/3749

bugzilla.mozilla.org/show_bug.cgi?id=322312

exchange.xforce.ibmcloud.com/vulnerabilities/24437

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1625

AI Score

5.9

Confidence

Low

EPSS

0.17

Percentile

96.1%

Related for CVELIST:CVE-2006-0299

prion1 debiancve1 ubuntucve1 cve1 mozilla1 nvd1 nessus8 openvas2