Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser's font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox缓存XUL样式表更改浏览器UI漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会开发的一款开源Web浏览器。 Mozilla Firefox的layout/style/nsCSSLoader.cpp功能的CSSLoaderImpl::DoSheetComplete函数存在未明安全漏洞。远程XUL文档所使用的样式表可能会污染用户的XUL缓存,而浏览器Chrome之后会使用这个缓存确定用户界面的样式。恶意网站可以利用这个漏洞更改浏览器的样式属性,如字体大小和颜色。
CVSS Information
N/A
Vulnerability Type
N/A