CVE-2006-0299
Publication date 2 February 2006
Last updated 17 July 2025
Ubuntu priority
The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal “AnyName” object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | 7.04 feisty |
Fixed 2.0.0.6+1-0ubuntu1
|
6.10 edgy |
Fixed 2.0.0.6+0dfsg-0ubuntu0.6.10
|
|
6.06 LTS dapper |
Fixed 1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
|
|
firefox-granparadiso | 7.04 feisty | Not in release |
6.10 edgy | Not in release | |
6.06 LTS dapper | Not in release | |
lightning-sunbird | 7.04 feisty | Not in release |
6.10 edgy | Not in release | |
6.06 LTS dapper | Not in release | |
midbrowser | 7.04 feisty | Not in release |
6.10 edgy | Not in release | |
6.06 LTS dapper | Not in release | |
mozilla-thunderbird | 7.04 feisty |
Fixed 1.5.0.13-0ubuntu0.7.04
|
6.10 edgy |
Fixed 1.5.0.13-0ubuntu0.6.10
|
|
6.06 LTS dapper |
Fixed 1.5.0.13-0ubuntu0.6.06
|