VDB
CVE-2010-0170
CVE-2010-0170
PUBLISHED
Reported by mitre · Published March 25, 2010
Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Timeline
- Mar 25, 2010 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 2, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
References
- 38918 vdb-entryx_refsource_BID
- 38919 vdb-entryx_refsource_BID
- oval:org.mitre.oval:def:8602 vdb-entrysignaturex_refsource_OVAL
- x_refsource_CONFIRM
- MDVSA-2010:070 vendor-advisoryx_refsource_MANDRIVA
- ADV-2010-0692 vdb-entryx_refsource_VUPEN
- x_refsource_CONFIRM