CVE-2006-0299
Published: 02 February 2006
The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.
Priority
Status
Package | Release | Status |
---|---|---|
firefox Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
firefox-granparadiso Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
lightning-sunbird Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
midbrowser Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
mozilla-thunderbird Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|