Vulnerabilities

CVE-2010-0178

by Fred · 05/04/2010

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.

Date published : 2010-04-05

http://www.mozilla.org/security/announce/2010/mfsa2010-20.html

https://bugzilla.mozilla.org/show_bug.cgi?id=546909

Similar

Tags: Cybersecurity Alert