Total vulnerabilities in the database
Cross-domain vulnerability in Mozilla Firefox allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object. NOTE: this description was based on a report that has since been retracted by the original authors. The authors misinterpreted their test results. Other third parties also disputed the original report. Therefore, this is not a vulnerability. It is being assigned a candidate number to provide a clear indication of its status
| Software | From | Fixed in |
|---|---|---|
| mozilla / firefox | 0.8 | 0.8.x |
| mozilla / firefox | 1.5-beta2 | 1.5-beta2.x |
| mozilla / firefox | 1.5.2 | 1.5.2.x |
| mozilla / firefox | 1.5.0.3 | 1.5.0.3.x |
| mozilla / firefox | 1.0.2 | 1.0.2.x |
| mozilla / firefox | 1.5-beta1 | 1.5-beta1.x |
| mozilla / firefox | 1.5 | 1.5.x |
| mozilla / firefox | 0.9.1 | 0.9.1.x |
| mozilla / firefox | 1.0.4 | 1.0.4.x |
| mozilla / firefox | 1.0.7 | 1.0.7.x |
| mozilla / firefox | 0.10.1 | 0.10.1.x |
| mozilla / firefox | 0.9 | 0.9.x |
| mozilla / firefox | 1.0 | 1.0.x |
| mozilla / firefox | 1.0.1 | 1.0.1.x |
| mozilla / firefox | 1.0.6 | 1.0.6.x |
| mozilla / firefox | preview_release | preview_release.x |
| mozilla / firefox | 1.5.0.2 | 1.5.0.2.x |
| mozilla / firefox | 1.0.3 | 1.0.3.x |
| mozilla / firefox | 1.5.1 | 1.5.1.x |
| mozilla / firefox | 0.9.3 | 0.9.3.x |
| mozilla / firefox | 0.9.2 | 0.9.2.x |
| mozilla / firefox | 0.9-rc | 0.9-rc.x |
| mozilla / firefox | 1.5.3 | 1.5.3.x |
| mozilla / firefox | 1.5.0.4 | 1.5.0.4.x |
| mozilla / firefox | 1.5.0.1 | 1.5.0.1.x |
| mozilla / firefox | 0.10 | 0.10.x |
| mozilla / firefox | 1.0.5 | 1.0.5.x |
| mozilla / firefox | 2.0-rc3 | 2.0-rc3.x |
| mozilla / firefox | 1.0.8 | 1.0.8.x |