Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary local files, and establish network connections via vectors involving a refresh value in the http-equiv attribute of a META element, which causes the wrong security principal to be used.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox和SeaMonkey设计错误漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会开发的一款开源Web浏览器。Mozilla SeaMonkey是美国Mozilla基金会开发的一个免费、开源以及跨平台的网络套装软件。 Mozilla Firefox 3.5.16之前版本和3.6.13之前的3.6.x版本,以及SeaMonkey 2.0.11之前版本不能正确处理某些涉及data: URLs和Java LiveConnect脚本的重定向。远程攻击者可借助与META元素的http-equiv属性中的更新值有关的向量启动进程,读取任意本地
CVSS Information
N/A
Vulnerability Type
N/A