Vulnerabilities

CVE-2009-2472

by Fred · 22/07/2009

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."

Date published : 2009-07-22

http://www.securityfocus.com/bid/35758

http://www.mozilla.org/security/announce/2009/mfsa2009-40.html

Similar

Tags: Cybersecurity Alert