Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2010-2768
Beschreibung:Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding.
Test Kennungen: 1.3.6.1.4.1.25623.1.0.67979  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2010-2768
BugTraq ID: 43101
http://www.securityfocus.com/bid/43101
Debian Security Information: DSA-2106 (Google Search)
http://www.debian.org/security/2010/dsa-2106
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:173
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11735
http://secunia.com/advisories/42867
SuSE Security Announcement: SUSE-SA:2010:049 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html
http://www.vupen.com/english/advisories/2010/2323
http://www.vupen.com/english/advisories/2011/0061




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.