Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox和SeaMonkey 代码注入漏洞
Vulnerability Description
Mozilla Firefox和SeaMonkey都是由美国Mozilla基金会开发。Firefox是一款开源Web浏览器。SeaMonkey是一套免费、开源以及跨平台的网络套装软件。 Mozilla Firefox 34.0.5及之前版本和SeaMonkey 2.31及之前版本的XrayWrapper实现过程中存在安全漏洞,该漏洞源于程序没有正确处理与特制的DOM对象的交互。远程攻击者可利用该漏洞以chrome权限执行任意JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A