Total vulnerabilities in the database
Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre does not properly block data: URIs in Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Location header that contains JavaScript sequences in a data:text/html URI or (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Location header. NOTE: the JavaScript executes outside of the context of the HTTP site.
| Software | From | Fixed in |
|---|---|---|
| mozilla / firefox | 3.0.7 | 3.0.7.x |
| mozilla / firefox | 3.0.9 | 3.0.9.x |
| mozilla / firefox | 3.0.8 | 3.0.8.x |
| mozilla / firefox | 3.5 | 3.5.x |
| mozilla / firefox | 3.0.4 | 3.0.4.x |
| mozilla / firefox | 3.7-a1_pre | 3.7-a1_pre.x |
| mozilla / firefox | - | 3.0.13.x |
| mozilla / firefox | 3.0.5 | 3.0.5.x |
| mozilla / firefox | 3.6-a1_pre | 3.6-a1_pre.x |
| mozilla / firefox | 3.0-beta2 | 3.0-beta2.x |
| mozilla / firefox | 3.0.10 | 3.0.10.x |
| mozilla / firefox | 3.0.12 | 3.0.12.x |
| mozilla / firefox | 3.0.3 | 3.0.3.x |
| mozilla / firefox | 3.0.6 | 3.0.6.x |
| mozilla / firefox | 3.0 | 3.0.x |
| mozilla / firefox | 3.0.1 | 3.0.1.x |
| mozilla / firefox | 3.0.2 | 3.0.2.x |
| mozilla / firefox | 3.0-beta5 | 3.0-beta5.x |
| mozilla / firefox | 3.0-alpha | 3.0-alpha.x |
| mozilla / firefox | 3.0.11 | 3.0.11.x |