Vulnerabilities

CVE-2009-1840

by Fred · 12/06/2009

Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web script or an advertisement in a web page.

Date published : 2009-06-12

http://www.securityfocus.com/bid/35326

http://www.mozilla.org/security/announce/2009/mfsa2009-31.html

Similar

Tags: Cybersecurity Alert