Upstream information
Description
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
National Vulnerability Database | |
---|---|
Base Score | 4.3 |
Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Access Vector | Network |
Access Complexity | Medium |
Authentication | None |
Confidentiality Impact | None |
Integrity Impact | Partial |
Availability Impact | None |
- SUSE-SA:2010:049, published Tue, 12 Oct 2010 13:00:00 +0000
- SUSE-SA:2010:056, published Mon, 08 Nov 2010 09:00:00 +0000
- openSUSE-SU-2014:1100-1, published Tue, 9 Sep 2014 18:04:16 +0200 (CEST)
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Server 12 SP1 |
| |
SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 |
| |
SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP3 |
| |
SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP4 |
| |
SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Server 12 |
| |
SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 12 SP5 |
| |
SUSE Linux Enterprise Module for Desktop Applications 15 |
| |
SUSE Linux Enterprise Server 11 SP1 |
| Patchnames: slessp1-MozillaFirefox |
SUSE Linux Enterprise Server 11 SP2 |
| |
SUSE Linux Enterprise Server 11 SP3 |
| |
SUSE Linux Enterprise Server 11 SP4 |
| |
SUSE Linux Enterprise Server 11 |
| Patchnames: slessp0-MozillaFirefox |
SUSE Linux Enterprise Server for SAP Applications 11 |
| Patchnames: slessp0-MozillaFirefox |
SUSE Linux Enterprise Software Development Kit 11 SP4 |
| |
SUSE Linux Enterprise Software Development Kit 12 SP1 |
| |
SUSE Linux Enterprise Software Development Kit 12 SP2 |
| |
SUSE Linux Enterprise Software Development Kit 12 SP3 |
| |
SUSE Linux Enterprise Software Development Kit 12 SP4 |
| |
SUSE Linux Enterprise Software Development Kit 12 SP5 |
| |
SUSE Linux Enterprise Software Development Kit 12 |
| |
SUSE Linux Enterprise Workstation Extension 15 SP1 |
| |
SUSE Linux Enterprise Workstation Extension 15 |
| |
openSUSE Leap 15.0 |
| Patchnames: openSUSE Leap 15.0 GA MozillaFirefox openSUSE Leap 15.0 GA MozillaThunderbird |
openSUSE Leap 42.1 |
| Patchnames: openSUSE Leap 42.1 GA MozillaFirefox openSUSE Leap 42.1 GA MozillaThunderbird |
openSUSE Leap 42.2 |
| Patchnames: openSUSE Leap 42.2 GA MozillaFirefox openSUSE Leap 42.2 GA MozillaThunderbird |
openSUSE Leap 42.3 |
| Patchnames: openSUSE Leap 42.3 GA MozillaFirefox openSUSE Leap 42.3 GA MozillaThunderbird |
openSUSE Tumbleweed |
| Patchnames: openSUSE Tumbleweed GA MozillaFirefox openSUSE Tumbleweed GA MozillaThunderbird openSUSE Tumbleweed GA seamonkey |