CVE-2013-1727
Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.
| Software | From | Fixed in |
|---|---|---|
| mozilla / firefox | - | 23.0.1.x |
| mozilla / firefox | 19.0 | 19.0.x |
| mozilla / firefox | 19.0.1 | 19.0.1.x |
| mozilla / firefox | 19.0.2 | 19.0.2.x |
| mozilla / firefox | 20.0 | 20.0.x |
| mozilla / firefox | 20.0.1 | 20.0.1.x |
| mozilla / firefox | 21.0 | 21.0.x |
| mozilla / firefox | 22.0 | 22.0.x |
| mozilla / firefox | 23.0 | 23.0.x |
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html
- http://www.mozilla.org/security/announce/2013/mfsa2013-84.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=782581
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime