Total vulnerabilities in the database
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) characters that are removed from JavaScript code before execution, aka "Stripped BOM characters bug."
| Software | From | Fixed in |
|---|---|---|
| mozilla / firefox | - | 2.0.0.17 |
| mozilla / firefox | 3.0 | 3.0.2 |
| mozilla / seamonkey | - | 1.1.12 |
| mozilla / thunderbird | - | 2.0.0.17 |
| debian / debian_linux | 4.0 | 4.0.x |
| canonical / ubuntu_linux | 6.06 | 6.06.x |
| canonical / ubuntu_linux | 7.04 | 7.04.x |
| canonical / ubuntu_linux | 7.10 | 7.10.x |
| canonical / ubuntu_linux | 8.04 | 8.04.x |