CVE-2006-0299

Published: 02 February 2006

The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.

Priority

Unknown

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream Needs triage

firefox-granparadiso
Launchpad, Ubuntu, Debian
Upstream Needs triage

lightning-sunbird
Launchpad, Ubuntu, Debian
Upstream Needs triage

midbrowser
Launchpad, Ubuntu, Debian
Upstream Needs triage

mozilla-thunderbird
Launchpad, Ubuntu, Debian
Upstream Needs triage