Security Advisory

CVE-2009-2472

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-07-22 18:00:00

Last updated 2024-08-07 05:52:14

Assigner redhat

State PUBLISHED

Description

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."

← Browse all CVEs View on cve.org ↗