New Search

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.

oval:org.mitre.oval:def:14212

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2008
  • Microsoft Windows 2000
  • Microsoft Windows Vista
  • Microsoft Windows 7
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2011-3648
Product(s):
  • Mozilla Firefox
  • Mozilla Thunderbird