Code injection

2012-08-2910:56:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.3%

JSON

The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code.

CPENameOperatorVersion
firefoxeq4.0 beta6
firefoxeq4.0 beta1
firefoxeq3.6.2
firefoxeq2.0.0.12
firefoxeq1.5 beta2
firefoxeq3.0.17
firefoxeq3.5.3
firefoxeq3.0.7
firefoxeq1.5.2
firefoxeq8.0

Name	Operator	Version
firefox	eq	4.0 beta6
firefox	eq	4.0 beta1
firefox	eq	3.6.2
firefox	eq	2.0.0.12
firefox	eq	1.5 beta2
firefox	eq	3.0.17
firefox	eq	3.5.3
firefox	eq	3.0.7
firefox	eq	1.5.2
firefox	eq	8.0