Lucene search
Veracode Vulnerability DatabaseVERACODE:23975HistoryApr 10, 2020 - 12:42 a.m.
Cross-site Scripting (XSS)
2020-04-1000:42:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
EPSS
0.003
Percentile
68.9%
SeaMonkey is vulnerable to cross-site scripting (XSS). The attack is possible because remote attackers can perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object.
References
www.mozilla.org/security/announce/2010/mfsa2010-12.html
www.redhat.com/security/updates/classification/#critical
www.securityfocus.com/bid/38918
www.vupen.com/english/advisories/2010/0692
access.redhat.com/errata/RHSA-2010:0113
bugzilla.mozilla.org/show_bug.cgi?id=531364
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10773
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7743
Related
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-12
2010-04-06 00:00:00
seebug
seebug
Mozilla Firefox addEventListener和setTimeout实现跨站脚本漏洞
2010-03-26 00:00:00
mozilla
mozilla
XSS using addEventListener and setTimeout on a wrapped object — Mozilla
2010-03-23 00:00:00
ubuntucve
ubuntucve
CVE-2010-0171
2010-03-25 00:00:00
prion
prion
Cross site scripting
2010-03-25 21:00:00
cvelist
cvelist
CVE-2010-0171
2010-03-25 20:31:00
nvd
nvd
CVE-2010-0171
2010-03-25 21:00:00
cve
cve
CVE-2010-0171
2010-03-25 21:00:00
openvas
openvas
Mozilla Products Multiple Vulnerabilities (Mar 2010) - Linux
2010-03-30 00:00:00
Mozilla Products Multiple Vulnerabilities Mar-10 (Windows)
2010-03-30 00:00:00
Mozilla Products Multiple Vulnerabilities Mar-10 (Linux)
2010-03-30 00:00:00
centos
centos
seamonkey security update
2010-02-18 00:29:51
firefox, xulrunner security update
2010-02-18 00:33:18
thunderbird security update
2010-03-17 18:24:23
oraclelinux
oraclelinux
seamonkey security update
2010-02-17 00:00:00
firefox security update
2010-02-17 00:00:00
thunderbird security update
2010-03-17 00:00:00
redhat
redhat
(RHSA-2010:0113) Critical: seamonkey security update
2010-02-17 00:00:00
(RHSA-2010:0112) Critical: firefox security update
2010-02-17 00:00:00
(RHSA-2010:0154) Moderate: thunderbird security update
2010-03-17 00:00:00
nessus
nessus
Mozilla Thunderbird < 3.0.2 Multiple Vulnerabilities
2010-03-02 00:00:00
Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0113)
2013-07-12 00:00:00
RHEL 3 / 4 : seamonkey (RHSA-2010:0113)
2010-02-18 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00