Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox输入验证漏洞
Vulnerability Description
Mozilla Firefox是一款非常流行的开放源码WEB浏览器。 Mozilla Firefox 3.6.7之前的版本和Thunderbird 3.1.1之前的版本中的intl/uconv/util/nsUnicodeDecodeHelper.cpp存在漏洞。在涉及未定义的位置的某种环境中,向文本中插入一个U+FFFD序列,该漏洞可能更容易被远程攻击者通过制作的8位文本进行跨站脚本(XSS)攻击。一些8位编码包含有未定义的位置,映射到了U+FFFD。在显示的时候,可能不会显示紧随之后的字符。例如,wi
CVSS Information
N/A
Vulnerability Type
N/A